Message: 6
Date: Fri, 16 Jun 2006 09:44:29 -0700 (PDT)
From: fvt3 <[EMAIL PROTECTED]>
Subject: Re: Two Ldaps Authentication
To: FreeRadius users mailing list
        <freeradius-users@lists.freeradius.org>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=iso-8859-1

Alan,

This is what I have in my radius.conf


Autz-Type LDAP1 {
        ldap_ldap1 {
                invalid=return
        }
        ldap_ldap2
}

Auth-Type LDAP1 {
        redundant {
                ldap_ldap1 {
                }
                ldap_ldap2
        }
}

users file

DEFAULT Auth-Type = LDAP1
        Fall-Through = No,
        Reply-Message = "ldap login"



I'm forcing radius to look up the user in ldap1 (LDAP) and
ldap2 (Active Directory).  The same user name can
reside on both DB back ends.  With this setup, radius
only works if the user name does not exist on both DBs.
If user John is on both DBs, it would only
authenticate off LDAP1 and not in LDAP2.

Here is my log


<snip>

Correct... this is the way you have it configured.
As long as ONE LDAP server answers the request (whether it be an authentication allowed or rejected), it still answered, so it won't fail over to the next LDAP server...

--- Alan DeKok

--
Terry J Fike Jr
System Administrator
MTA Solutions
907-793-4100
[EMAIL PROTECTED]
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
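
The failover behaviour described in the reply above, as an added example that is not part of the original thread and is not FreeRADIUS code: a simplified Python model of a "redundant" block, assuming only a "fail" result (no answer from the server) moves processing on to the next module. The helper names, user names and passwords are constructed for illustration.

```python
# Simplified model of a "redundant" block (added example, not FreeRADIUS code).
# Assumption: only "fail" (the server gave no answer) moves on to the next
# module; any answer, including "reject", ends processing.

FAIL, OK, REJECT = "fail", "ok", "reject"

def make_ldap(name, directory, reachable=True):
    """Return a hypothetical module: a callable that checks user/password."""
    def module(user, password):
        if not reachable:
            return FAIL                  # no answer from the server
        if directory.get(user) == password:
            return OK
        return REJECT                    # the server answered: no match
    module.name = name
    return module

def redundant(modules, user, password):
    """Try modules in order; stop at the first one that answers."""
    tried = []
    result = FAIL
    for module in modules:
        result = module(user, password)
        tried.append(module.name)
        if result != FAIL:               # an answer, accept or reject, is final
            break
    return result, tried

# Constructed sample data: John exists in both back ends, different passwords.
LDAP1_USERS = {"john": "ldap1-secret"}
LDAP2_USERS = {"john": "ad-secret"}

def scenario(user, password, ldap1_up=True):
    """Run one login through ldap_ldap1 then ldap_ldap2, as in the posted config."""
    mods = [make_ldap("ldap_ldap1", LDAP1_USERS, ldap1_up),
            make_ldap("ldap_ldap2", LDAP2_USERS)]
    return redundant(mods, user, password)

if __name__ == "__main__":
    # John's Active Directory password: ldap1 answers "reject", ldap2 is never asked.
    print(scenario("john", "ad-secret"))
    # Same login with ldap1 unreachable: now ldap2 is consulted.
    print(scenario("john", "ad-secret", ldap1_up=False))
```
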
