Michael, You might be able to use nsswitch/pam to do the job. I'm not sure if there is an auth_mysql module for pam, but I know you can tell it what order in which to use the auth mechanisms that it has. For example:
____SNIP____ start /etc/nsswitch.conf passwd: ldap files shadow: ldap files group: ldap files ____SNIP____ end /etc/nsswitch.conf You could then use Auth-Type := PAM and let pam do the work for you. If there isn't a MySQL module for pam (I'm honestly not sure). You should be able to use/modify some of the external auth code from qmail to make your own external auth mechanism for FreeRADIUS--which I'm fairly sure it supports. Another option would be to rebuild the local .db files from the mysql table when changes are made (NOTE: MySQL now supports perl-based stored procedures). SSH/rsync might help do the trick securely for you there. Cheers, Mike Michael Dodd wrote: > Thanks for the info Alan! After I wrote the email I started to consider > that It may not be possible. I guess I should have spent more "quality > time" with the docs, but I wasn't even sure that fail-over was what I was > dealing with. Thanks again! > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Saturday, September 29, 2001 6:10 AM > Subject: Re: Default entries in raddb/users file > > > >>"Michael Dodd" <[EMAIL PROTECTED]> wrote: >> >>>The goal is to have a radius server that will first attempt to >>> > authenticate > >>>from the FreeBSD system files ( /etc/passwd ) and if that fails, try to >>>authenticate from the MySQL database. >>> >> OK, the fail-over mechanism isn't well documented in the >>radiusd.conf file. See the file 'doc/configurable_failover' for more >>information. >> >> And you might not even be able to do it, anyways. Right now, the >>server really only does one kind of authentication at a time. You can >>pick between them on the fly, but each request will use only one >>authentication. >> >> Alan DeKok. >> >>- >>List info/subscribe/unsubscribe? See >> > http://www.freeradius.org/list/users.html > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
