On Mon, Apr 13, 2009 at 4:48 AM, Ivan Kalik <t...@kalik.net> wrote: > > You've mentioned a few times that LDAP is not meant for > authentication, however the default config that ships with FreeRADIUS has > LDAP in > > the authentication section. Could you clear that up a little for me > please? (or point me to somewhere it's been cleared up before?) > > Don't force Auth-Type Ldap. > > But you will have to use two sql instances - one to store reply info and > one to store backup passwords. You can't store passwords in sql (used for > reply attributes) and ldap as well. > authorize { > ... > sql_reply > ldap > if (notfound | fail) { > sql_bkp_pass > } > ... > } > >
Works perfectly. Exactly what I was after. Thanks Ivan. Regards, Justin
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html