On Wed, Aug 11, 2010 at 12:40 PM, Alan DeKok <aland@deployingradius.com>wrote:
Peter Lambrechtsen wrote:
I have figured out where my mistake was. I needed to have the users file being used in the authorize section, but I shouldn't have had "Auth-Type := Accept" at the end of each line for the Groups, otherwise if the Auth-Type is set to Accept the authenticate section is never run through.
That's pretty much what I was trying to explain earlier. When you posted another config snippet that *didn't* follow my advice, I lost interest in the thread.
Fair enough, you do get a lot of silly setup questions which you answer most of the time ;)
I have *no* idea why so many people insist on forcing Auth-Type. It causes problems in 99.9% of the situations, including this one.
Understood, I had just taken examples off the internet about how to setup LDAP Auth, which was very misleading by having the Auth-Type being set which caused all of my issues in the first place. My offer still stands to write up a wiki entry for this, as it seems to be quite a common question and use case that could be answered with a wiki entry.