radiusd: FreeRADIUS Version 1.1.3, for host x86_64-redhat-linux-gnu, built on Apr 25 2007 at 09:04:23
Upgrade. http://wiki.freeradius.org/Red_Hat_FAQ#Current_Pre-built_RPM.27s_for_RHEL_5_...
I need to make an authorization of some RADIUS clients in LDAP by RADIUS. Clients need only to check passwords. I can check this in ONE LDAP server at a time without problems. It's work fine. But i need some different.
I need to check user/password in TWO different LDAP server. If ANY of LDAPs tell "password is ok" RADIUS must accept this userid/passwd pair. Userlists in this two LDAP have some overlap. Most (but not all) of the users presents in BOTH of LDAP servers. Passwords between LDAP servers are different.
With curent configuration i get this:
if username aren't found in first LDAP lets proceed to the next if username aren't found in second LDAP lets DENY access
You probably don't need that after upgrade. Just force Auth-Type LDAP in users file.
if username is found in first LDAP and password is accepted by first LDAP lets ALLOW access. if username is found in first LDAP and password aren't accepted by first LDAP lets DENY access.
RADIUS doesn't check password in the second LDAP server. I know why but i doesn't know how to change this behavior.
Create failover inside Auth-Type LDAP: Auth-Type LDAP { tam { reject = 2 } if(reject) { lotus } } Ivan Kalik