On Thu, 26 Nov 2009 18:21:29 -0000 (UTC) tnt@kalik.net wrote:
As i doesn't have any other auth rather LDAP it is done automatically. I hope so. ;-)
Enable files (and comment out ldap entries) and put:
DEFAULT Auth-Type := tam
at the top of the users file. That's much cheaper way.
Hm... I think i don't understand you. What to disable in what section? authorize or authentificate?
Remove tam and lotus from authorize section of default virtual server - you are not authorizing anything just doing authentication. Instead just put that line at the top of the users file and enable files in authorize.
Check base_dn. You say it is different but server debug would disagree.
But they are.
ldap tam { server = "skoll-vm1.kmz.ts" basedn = "o=tamknown" filter = "(uid=%{User-Name})" authtype = tam start_tls = no dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 compare_check_items = no do_xlat = no access_attr_used_for_allow = no set_auth_type = yes } ldap lotus { server = "ldap.kmz.ts" basedn = "o=tsas" filter = "(uid=%{User-Name})" authtype = lotus start_tls = no dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 compare_check_items = no do_xlat = no access_attr_used_for_allow = no set_auth_type = yes }
Post the debug of server startup (part before requests can be processed. Ivan Kalik