error in configurable failover?
Dusty Doris
freeradius at mail.doris.cc
Thu Dec 1 00:33:18 CET 2005
> Norbert Wegener <nw at sbs.de> wrote:
>> authenticate {
>> #ldap1
>> group {
>> ldap1 {
>
> You can't use anonymous groups in the "authenticate" section. You
> have to explicitely use "Auth-Type", and give it a name. This is
> because only ONE auth-type is run from that section. So if you had an
> anonymous group, it would never get run, because you could never
> reference it by name.
>
> Alan DeKok.
Say you had two ldap instances.
authorize {
redundant {
ldap1
ldap2
}
}
authenticate {
ldap1
ldap2
}
Say you had 4 ldap instances. Two for dial users and two for isdn users.
They point to the same servers, but with different configurations.
authorize {
Autz-Type dial {
redundant {
ldap_dial1
ldap_dial2
}
}
Autz-Type isdn {
redundant {
ldap_isdn1
ldap_isdn2
}
}
}
authenticate {
Auth-Type dial {
ldap_dial1
ldap_dial2
}
Auth-Type adsl {
ldap_isdn1
ldap_isdn2
}
}
In that case, you would need to declare these somewhere, such as the users
file.
DEFAULT NAS-Port-Type == Async, Autz-Type := dial, Auth-Type := dial
DEFAULT NAS-Port-Type == ISDN, Autz-Type := isdn, Auth-Type := isdn
More information about the Freeradius-Users
mailing list