radius + rlm_ldap: alter auth-type if server not reachable
Thomas Dupas
thomas at dupas.be
Sun Aug 21 16:39:23 CEST 2011
Hi,
I found a reference in the mailing list now (must have used the wrong search parameters before) with a hint:
http://lists.cistron.nl/pipermail/freeradius-users/2011-April/msg00450.html
But it still returns a REJECT -> " Using Post-Auth-Type Reject"
In the authorize section of sites-enabled/default I have put
" ldap {
fail = 1
}
if (fail) {
do_not_respond
}"
Radius -X returns the following when the ldap server is down:
++[ldap] returns fail
++? if (fail)
? Evaluating (fail) -> TRUE
++? if (fail) -> TRUE
++- entering if (fail) {...}
+++- entering policy do_not_respond {...}
++++[control] returns fail
++++[handled] returns handled
+++- policy do_not_respond returns handled
++- if (fail) returns handled
Using Post-Auth-Type Reject
+- entering group REJECT {...}
What am I missing here?
Br,
Thomas
More information about the Freeradius-Users
mailing list