Hello:
I have been asked to mantain a recently installed freeradius server, but
I am not the person who installed it and I am quite new to radius, and
don't want to mess it up.
This radius server makes use of the "ldap" module to make queries to an
ldap server that we already have.
Now, we have a new client, which needs a different configuration for the
ldap module. It needs a different query than the rest of the clients.
I've read the Autz-Type document which is in the distribution, and it
seems that there is a way to "select between multiple instances of a
module (ldap) which have been configured differently" (literally copied
from that doc). Next in that document, there is an very simple example
of what the radius.conf and users files should look like, here it is:
radiusd.conf-
authenticate{
Auth-Type customer1{
ldap1
}
Auth-Type customer2{
ldap2
}
}
authorize{
preprocess
suffix
Autz-Type customer1{
ldap1
}
Autz-Type customer2{
ldap2
}
files
}
-
users file---
DEFAULT Realm == "customer1", Autz-Type := customer1, Auth-Type := customer1
DEFAULT Realm == "customer2", Autz-Type := customer2, Auth-Type := customer2
If i have not missed anything, this examples decides whether the user
should use the first or the second ldap instance looking at the user's
realm. But, is there a way to choose the first instance for all but one
of the radius clients and the second instance for the remaining client?
In other words, how do you discriminate which ldap instance to use in
basis of the client that uses the radius server?
Thank you.
--
Teo Romera <[EMAIL PROTECTED]>
--
Teo Romera <[EMAIL PROTECTED]>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
