LDAP server per realm
Alan DeKok
aland at deployingradius.com
Tue Apr 17 03:43:54 CEST 2007
Sean McNamara wrote:
> I'm working on finding a way to define multiple local realms and have
> each have a unique ldap profile associated with them. We want one
> associated with a particular realm, and the other to be the
> catchall/default case. In addition to this, we're also using EAP/TTLS,
> which may or not complicate the situation.. After googling a bit, I was
> under the impression that something along the following lines should work:
> Here are the relevant parts of the the files I modified:
...
> in dictionary:
Please don't edit the dictionaries. The VALUEs you defined are
already defined as something else. And the server will automatically
create the relevant values for you, so there's no need to edit the
dictionaries.
> in users:
> DEFAULT Domain == "VLS", Autz-Type := VLS
There is no "Domain" attribute. You mean "Realm".
> When I attempt to authenticate, regardless of whether I specify a realm
> or not, it only checks the vuldap servers. Any suggestions would be
> greatly appreciated!
If you run the server in debugging mode, you will see that your
current configuration does *not* match the entry in the "users" file
that you have. Make the changes I suggest, and it should work.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list