users file question
Aqdas Muneer
aqdas.muneer at gmail.com
Mon Aug 16 23:07:57 CEST 2010
thank you for the quick response. the reason i created the admin account was
for use during ldap outages and you are correct that this account does not
exist in ldap. what would be a better way to go about accomplishing this. i
want the admin account to be only available during times when the ldap
module returns 'fail'?
On Mon, Aug 16, 2010 at 4:53 PM, Alan DeKok <aland at deployingradius.com>wrote:
> Aqdas Muneer wrote:
> > I have setup a freeradius server version 2.1.7 using ldap for
> > authentication. What i'm having trouble understanding is that in my
> > users file i have a local user called admin. The default user account
> > (for ldap) is listed before the admin account in the users file. since i
> > have not configured Fall-Through i would expect the admin account to not
> > be accessible if ldap query fails, but it is accessible. is my
> > assumption wrong?
>
> No. But if the DEFAULT doesn't match, it will try the "admin" entry.
>
> Again... run it in debugging mode to see what's happening. In this
> case, you *will* see that (a) the request isn't coming from that
> huntgroup, or (b), the user isn't in that LDAP group.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100816/fbe56f80/attachment.html>
More information about the Freeradius-Users
mailing list