Hi,

> redundant {
>         mschap.domain1
>         mschap.domain2
> }

That's just redundancy... so if the first one answers, then that's that. You need fail-through, e.g. something like

Auth-Type MS-CHAP {
        group {
                # a reject from domain1 is only remembered (priority 1), so processing continues
                mschap.domain1 {
                        reject = 1
                        ok = return
                }
                # domain2 is tried next; its result is the final answer
                mschap.domain2 {
                        ok = return
                }
        }
}

i.e. try mschap.domain1 and if it fails, then don't care about the result and try domain2 instead. Obviously, once you have more in one than the other, then you want to switch them over. We used this sort of construct when moving to a new AD domain.

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
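
The difference between the quoted `redundant` block and the fail-through group in the reply can be traced with a small model of per-rcode actions. This is an added example, not part of the original message and not FreeRADIUS code: `run_section`, the three-rcode `DEFAULTS` table and the starting result are simplifying assumptions, and the rcodes fed in are constructed.

```python
# Simplified model of a FreeRADIUS section walking its modules in order.
# Each module yields an rcode; the action configured for that rcode is either
# "return" (stop and use this rcode) or a numeric priority (remember it, go on).

# Assumed defaults for this model, limited to three rcodes.
DEFAULTS = {"ok": "return", "reject": "return", "fail": 1}

def run_section(children, rcodes):
    """children: list of (module, overrides); rcodes: module -> rcode it yields.
    Returns (final_rcode, modules_called)."""
    result, priority, called = "reject", 0, []   # assumed starting result
    for name, overrides in children:
        called.append(name)
        rcode = rcodes[name]
        action = {**DEFAULTS, **overrides}[rcode]
        if action == "return":
            return rcode, called
        if action >= priority:                   # remember the rcode, keep going
            result, priority = rcode, action
    return result, called

# The quoted block: no overrides, so a reject from domain1 ends processing.
REDUNDANT = [("mschap.domain1", {}), ("mschap.domain2", {})]

# The fail-through group from the reply: reject = 1 on domain1 only.
FAIL_THROUGH = [
    ("mschap.domain1", {"reject": 1, "ok": "return"}),
    ("mschap.domain2", {"ok": "return"}),
]

# Constructed cases: which rcode each domain's mschap instance yields.
CASES = {
    "user only in domain2": {"mschap.domain1": "reject", "mschap.domain2": "ok"},
    "user in domain1":      {"mschap.domain1": "ok",     "mschap.domain2": "reject"},
    "domain1 unreachable":  {"mschap.domain1": "fail",   "mschap.domain2": "ok"},
    "bad password":         {"mschap.domain1": "reject", "mschap.domain2": "reject"},
}

def compare():
    """Map each case to (redundant outcome, fail-through outcome)."""
    return {label: (run_section(REDUNDANT, rc), run_section(FAIL_THROUGH, rc))
            for label, rc in CASES.items()}

if __name__ == "__main__":
    for label, (red, ft) in compare().items():
        print(f"{label:22} redundant={red}  fail-through={ft}")
```

In the "bad password" case the fail-through group calls both modules, so every rejected attempt is presented to both domains.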