ldap authentication using free radius
Hello, We recently had a event during which our radius server lost connectivity to our Active Directory server. all the network gear could contact radius so none fell back to the backup authentication method (local), but because AD was down we couldn't get into our devices. is there a way to use some locally stored password in free radius if the ldap server cant be reached? Thanks, Aqdas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ldap authentication using free radius
Am 10.08.2010 um 16:54 schrieb Aqdas Muneer: Hello, We recently had a event during which our radius server lost connectivity to our Active Directory server. all the network gear could contact radius so none fell back to the backup authentication method (local), but because AD was down we couldn't get into our devices. is there a way to use some locally stored password in free radius if the ldap server cant be reached? You can for example use the users file. Thanks, Aqdas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Have a nice day! Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Lars Busch Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ldap authentication using free radius
so this is what i have in my users file. how can i make it so that the admin account is only used if AD is inaccessible? admin Huntgroup-Name == network-admin, Cleartext-Password := x Service-Type := NAS-Prompt-User, cisco-avpair := shell:priv-lvl=15 DEFAULT Huntgroup-Name == network-admin, Ldap-Group == networkadmins Service-Type := NAS-Prompt-User, cisco-avpair := shell:priv-lvl=15, Auth-Type := LDAP On Tue, Aug 10, 2010 at 10:59 AM, Nicolas Goutte nicolas.gou...@extragroup.de wrote: Am 10.08.2010 um 16:54 schrieb Aqdas Muneer: Hello, We recently had a event during which our radius server lost connectivity to our Active Directory server. all the network gear could contact radius so none fell back to the backup authentication method (local), but because AD was down we couldn't get into our devices. is there a way to use some locally stored password in free radius if the ldap server cant be reached? You can for example use the users file. Thanks, Aqdas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Have a nice day! Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Lars Busch Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html