LDAP with fallback on local authentication?
Ivan Kalik
tnt at kalik.net
Sun Apr 12 20:48:39 CEST 2009
> You've mentioned a few times that LDAP is not meant for authentication,
however the default config that ships with FreeRADIUS has LDAP in
> the authentication section. Could you clear that up a little for me
please? (or point me to somewhere it's been cleared up before?)
Don't force Auth-Type Ldap.
But you will have to use two sql instances - one to store reply info and one
to store backup passwords. You can't store passwords in sql (used for reply
attributes) and ldap as well.
authorize {
...
sql_reply
ldap
if (notfound | fail) {
sql_bkp_pass
}
...
}
Ivan Kalik
Kalik Informatika ISP
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090412/0668164f/attachment.html>
More information about the Freeradius-Users
mailing list