Sambuddho Chakravarty wrote: > Yes , but on a freeradius-2.05 , when I create a separate authenticate > {} and authorize {} subsection and plug in the following : > > authorize { > Autz-Type LDAP {
You don't need to use Autz-Type in 2.0. > authenticate { > Auth-Type LDAP{ > redundant{ Don't use redundant sections here. Just list the two LDAP modules independently. The LDAP server that was used in the authorize section will ensure that it is also used in the authenticate section. > ${confdir}/modules/ldap1 And I hope that's not what I think it is. > It doesn't work. See the FAQ for "it doesn't work". > Here the ldap1 and ldap2 are two separate files in > the /etc/raddb/modules directory and have separate ldap server IP > addresses. Can anyone please point out to me where I am going wrong ? Lots. The major one is that you are putting the module *configuration* into the authorize and authenticate sections. I have no idea why you think that's a good idea. The examples included in the server DO NOT DO THIS. The files in the "modules" directory belong in the "modules" section of radiusd.conf. This is documented in the comments, and in many examples. The entries in the "authorize" and "authenticate" sections are simply a one-word reference to the name of a module. Again, this is documented in the comments and in many examples. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html