Zitat von Phil Mayers <[EMAIL PROTECTED]>: > Markus Krause wrote: > >> i am not sure if your approach could really fullfill my needs (no >> redundancy, serving different types of "requests") ... but i would >> really like to know ;-) > > Hmm. > > Without more details it's difficult to say, but what you need does not > sound excessively difficult. At most, Autz-Type should suffice. Why are > you finding you need to set Auth-Type? i thought this is necessary as i use redundant sections. in users i have something like:
DEFAULT Huntgroup-Name == vpn, Autz-Type := LdapUser, Auth-Type := LdapUser some parts of my radiusd.conf: ----- radiusd.conf parts modules { ... ldap LdapUser1 { .... ldapserv1 } ldap LdapUser2 { .... ldapserv2 } ... } authorize { ... Autz-Type LdapUser { redundant { LdapUser1 LdapUser2 } } ... } authenticate { ... Auth-Type LdapUser { redundant { LdapUser1 LdapUser2 } } ... } ----- it seems that if the authorization is successfully done by LdapUser1 the Auth-Type is set LdapUser1. if i do not set it to LdapUser in the file users i get the error message "No authenticate method (Auth-Type) configuration found for the request: Rejecting the user". if i set Auth-Type to LdapUser in users it works. it also works without setting this if i do not use redundant settings (just call the module LdapUser). > The ldap module can be peculiar in this regard - are you authenticating > the users by doing simple bind, or are you extracting the passwords from > ldap and using rlm_pap and such? i am just authenticating by doing simple bind. if i should post more details please let me know! with best regards markus ---------------------------------------------------------------------- This message was sent using https://webmail2.biochem.mpg.de If you encounter any problems please report to [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html