Allowing Access via 'users' when LDAP fails

Amaru Netapshaak postfix_amaru at
Wed Jan 27 22:12:06 CET 2010


I've got FreeRADIUS querying an OpenLDAP server successfully. Users can login and
their appropriate VLAN information is returned and everythings great.  Right now, if a user
isnt found in the LDAP database, a reject is returned to the switch and the port goes
offline. What I'd rather have,is RADIUS reply with a standard response (if the LDAP
auth fails).

I tried to do this in the users file, by moving 'files' to below 'ldap' in sites-enabled/default
and then creating a DEFAULT entry in users that returned the VLAN information I wanted,
but then it didnt include other relevant info that the switch needs.

Am I on the right track?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list