> How should i call the ldap module in the post_proxy section (in >Freeradius v1 or v2...)? > > It should perhaps be easier to ask a single question rather than in my >long request posted yesterday...;o) > > In Freeradius v1, i can merge in an access-accept response radius >attribute to a proxy reply. > >radiusd.conf >------------ >.... >authorize { > ... > suffix > ldap > ... >} > >post_proxy { > eap >} >.... > >proxy.conf >---------- >proxy server { > ... ># ># Older versions of the server would pass proxy requests through the ># 'authorize' sections twice; once when the packet was received ># from the NAS, and again after the reply was received from the home ># server. Now that we have a 'post_proxy' section, the replies from ># the home server should be sent through that, instead of through ># the 'authorize' section again. ># ># However, for backwards compatibility, this behaviour is configurable. ># The default configuration is 'yes', for backwards compatibility. ># To use ONLY the new 'post_proxy' section, set this value to 'no'. ># > post_proxy_authorize = yes > ... >} > >realm otp { > type = radius > authhost = myproxyradius:1812 > secret = xxxxxxx >} > > >And it works because it parses twice the authorization section (as i >seemed to understand, sorry i'm french ;o))...a thing that doesn't >happen in v2.x... >
I think you should list authorize.ldap to execute ldap from authorize section. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html