users-file overruling anything else

Alan DeKok aland at deployingradius.com
Fri Oct 6 18:32:36 CEST 2006


"florian.prester" <Florian.Prester at rrze.uni-erlangen.de> wrote:
> Now my problem are users not listed in the ldap-system. I want to use 
> the  users-file to overrule the ldap-system. Meaning if a user is found 
> in the users-file and the password matches, ignore everything else.

  The problem is that the "users" file doesn't do authentication.  It
only stores a "known good" password for a user.

  My suggestion is to do:

authorize {
     preprocess
     chap
     mschap
     eap
     perl
     files {
	   ok = return
	   updated = return
     }
     ldap
}

  And PLEASE don't set "Auth-Type := Local".  The "users" file entries
should look like:

username    User-Password := "password"
	    ...



  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog



More information about the Freeradius-Users mailing list