27 Sep
2005
27 Sep
'05
4:05 p.m.
Ben Dowling <bendowling@lineone.net> wrote:
Sorry I was referring to the username, the CN in the certificate gets sent as the username. My problem is how to reject users with valid certificates, but no entry in the database?
doc/configurable_failover configure a module "always reject" (see radiusd.conf) In "authorize", do: ... group { sql { notfound = 1 ok = return fail = return everything_else = return } reject } That says "if the user isn't found in SQL, reject" Alan DeKok.