I want to configure the following redundant config:
A user is tested in mysql, if that fails ldap should be tested
afterwards (or ldap, then mysql)
I have read configurable-failover, but i don't find the logic to
combine the sql authorization (no authentification since 0.5) and the
ldap authentication into one redundant group.
I have found a solution:
authorize {
preprocess
suffix
group {
ldap {
reject = return
fail = 1
ok = return
handled = return
invalid = return
userlock = return
notfound = 2
noop = return
updated = return
}
sql {
reject = return
fail = return
ok = return
handled = return
invalid = return
userlock = return
notfound = return
noop = return
updated = return
}
}
}
and ldap in authenticate
Probably there is a better solution.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html