"florian.prester" <Florian.Prester@rrze.uni-erlangen.de> wrote:
Now my problem are users not listed in the ldap-system. I want to use the users-file to overrule the ldap-system. Meaning if a user is found in the users-file and the password matches, ignore everything else.
The problem is that the "users" file doesn't do authentication. It only stores a "known good" password for a user. My suggestion is to do: authorize { preprocess chap mschap eap perl files { ok = return updated = return } ldap } And PLEASE don't set "Auth-Type := Local". The "users" file entries should look like: username User-Password := "password" ... Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog