On Tue, 15 Jun 2004, Michael Check wrote: > This was the first try in thinking that the Authentication would cascade > through the servers. I had set up diff groups in testing, but couldn't get > freeRADIUS to come up with the correct Auth-Type (like you suggest below). > > >> How can we get freeRADIUS to know that we're authenticating off the _second_ > >> LDAP server? > > > > Put the ldap modules into different authtype groups: LDAP1 and > > LDAP2, and then set Auth-Type to one of LDAP1 or LDAP2. > > OK. I can place them in diff groups as I show below, but how (and where) do > I set the correct Auth-Type?
Is there something in the radius packet that would tell you which domain they are from? Username or NAS-IP? If so, then you can put that in the users file and use huntgroups. in huntgroups. somedomain NAS-IP-Address == 1.1.1.1 otherdomain NAS-IP-Address == 2.2.2.2 in users DEFAULT Huntgroup-Name == somedomain, Autz-Type := LDAP1, Auth-Type := LDAP1 Fall-Through = no DEFAULT Huntgroup-Name == otherdomain, Autz-Type := LDAP2, Auth-Type := LDAP2 Fall-Through = no - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html