ldap authentication using free radius
Aqdas Muneer
aqdas.muneer at gmail.com
Tue Aug 10 17:05:13 CEST 2010
so this is what i have in my users file. how can i make it so that the admin
account is only used if AD is inaccessible?
admin Huntgroup-Name == "network-admin", Cleartext-Password :=
"xxxxxxxxx"
Service-Type := NAS-Prompt-User,
cisco-avpair := "shell:priv-lvl=15"
DEFAULT Huntgroup-Name == "network-admin", Ldap-Group ==
"networkadmins"
Service-Type := NAS-Prompt-User,
cisco-avpair := "shell:priv-lvl=15",
Auth-Type := LDAP
On Tue, Aug 10, 2010 at 10:59 AM, Nicolas Goutte <
nicolas.goutte at extragroup.de> wrote:
>
> Am 10.08.2010 um 16:54 schrieb Aqdas Muneer:
>
> Hello,
>
> We recently had a event during which our radius server lost connectivity to
> our Active Directory server. all the network gear could contact radius so
> none fell back to the backup authentication method (local), but because AD
> was down we couldn't get into our devices. is there a way to use some
> locally stored password in free radius if the ldap server cant be reached?
>
>
> You can for example use the users file.
>
>
> Thanks,
>
> Aqdas
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> Have a nice day!
>
> Nicolas Goutte
>
>
> extragroup GmbH - Karlsruhe
> Waldstr. 49
> 76133 Karlsruhe
> Germany
>
> Geschäftsführer: Lars Busch
> Registergericht: Amtsgericht Münster / HRB: 5624
> Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100810/d58474dd/attachment.html>
More information about the Freeradius-Users
mailing list