hi, no, if i write authtype, radiusd shows following errormessage:
radiusd.conf[1168] Subsection of module instance call not allowed if i write autztype, radiusd starts. Regards chris >>> [EMAIL PROTECTED] 18.04.2005 14:02:05 >>> Hi, isnt this a typo?? autztype LDAP { should be AUTHTYPE??? Regards, Edvin -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of freeradius Sent: Montag, 18. April 2005 13:34 To: freeradius-users@lists.freeradius.org Subject: Two LDAP-Servers Hello, i tried to implement freeradius 0.8 with two ldapservers for authentication. i want freeradius to check the one ldap-server first, if user not found, the other server shoud be asked. But the second server will only be used by the radius-server, if the first server is unreachable. If user is not found in server ldap1 freeradius says: rlm_ldap: object not found or got ambiguous search result ldap_release_conn: Release Id: 0 modcall[authenticate]: module "ldap1" returns notfound modcall: group authtype returns notfound auth: Failed to validate the user. Can anyone help me? Best regards chris _____________________________________________ ldapconfig in "radiusd.conf": ldap ldap1 { server = "sldap1.mydomain.de" identity = "cn=user,o=level1" password = "" basedn = "o=level1" filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" start_tls = no dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 password_attribute = userPassword timeout = 4 timelimit = 3 net_timeout = 1 notfound = 1 } ldapconfig in radiusd.conf: ldap ldap2 { server = "sldap2.mydomain.de" identity = "cn=user,o=level1" password = "" basedn = "o=level2" filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" start_tls = no dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 password_attribute = userPassword timeout = 4 timelimit = 3 net_timeout = 1 notfound = 1 } authorize { preprocess chap mschap suffix files autztype LDAP { redundant { ldap1 ldap2 notfound = 1 } } } authenticate { authtype PAP { pap } authtype CHAP { chap } authtype MS-CHAP { mschap } unix authtype LDAP { ldap1 ldap2 } } preacct { preprocess suffix files } file "user" contains: DEFAULT Auth-Type := LDAP Fall-Through = 1 DEFAULT Service-Type == Framed-User Framed-IP-Address = 255.255.255.254, Framed-MTU = 576, Service-Type = Framed-User, Fall-Through = Yes DEFAULT Framed-Protocol == PPP Framed-Protocol = PPP, Framed-Compression = Van-Jacobson-TCP-IP DEFAULT Hint == "CSLIP" Framed-Protocol = SLIP, Framed-Compression = Van-Jacobson-TCP-IP DEFAULT Hint == "SLIP" Framed-Protocol = SLIP .+w m *m z yv+*+ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html