Concatenation of authentication
Jérôme MATER
jmater at protego.net
Wed May 7 17:34:09 CEST 2014
Hi Alan,
Thanks for your answer.
There 4000 users! And the priority is the authentication with token.
SQL database should be use only if a user loses his token.
The solution would be to have 2 freeradius, one for token authentication
and the other one for SQL database ?
Regards,
Jérôme
Le 07/05/2014 13:14, Alan DeKok a écrit :
> Jérôme MATER wrote:
>> I have made both configurations and it works separately. However, the
>> goal is :
>>
>> 1) I want to authenticate users with Windows Radius server and
>> authentication with token
>> 2) If authentication 1 failed, then user tries to connect on the SQL
>> database automatically.
> That's not really how RADIUS works. If the user is rejected, you
> can't turn that into an accept.
>
>> I've tried with post-auth section, post-proxy section...
>>
>> Is it possible ? How can I do that.
> You can't.
>
> Instead, determine which users should use SQL, and which users should
> authenticate via the Windows RADIUS server. Then, make them do that.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140507/397f7591/attachment.html>
More information about the Freeradius-Users
mailing list