unlang and 1st of 4 ldap source fail
Gary Prosser
gary.prosser at trinity-bris.ac.uk
Fri Jul 30 17:15:03 CEST 2010
Thanks Alan
I've got the desired result (if ldap1 result is fail or notfound
continue; if ok then stop) using the stanza below
authorize {
preprocess
chap
mschap
suffix
redundant {
ldap1 {
fail = 1
noop = 2
notfound = 3
ok = return
reject = return
userlock = return
invalid = return
}
ldap3 {
fail = 1
noop = 2
notfound = 3
ok = return
reject = return
userlock = return
invalid = return
}
ldap2 {
fail = 1
noop = 2
notfound = 3
ok = return
reject = return
userlock = return
invalid = return
}
ldap4 {
fail = 1
noop = 2
notfound = 3
ok = return
reject = return
userlock = return
invalid = return
}
}
}
Gary
-
IT Manager
Trinity College, Bristol (http://www.trinity-bris.ac.uk)
-----Original Message-----
From: Alan DeKok <aland at deployingradius.com>
Reply-To: FreeRadius users mailing list
<freeradius-users at lists.freeradius.org>
To: FreeRadius users mailing list
<freeradius-users at lists.freeradius.org>
Subject: Re: unlang and 1st of 4 ldap source fail
Date: Fri, 30 Jul 2010 15:39:09 +0200
Alexander Clouter wrote:
> Probably better off with failover[1], never got around to sorting it
> out myself, but it is something like this:
> ----
> modules {
> ldap ldap1 {
> [snipped]
>
> ok = return
No. The "ok = return" thing NEVER goes into a "modules" configuration.
> authorize {
> preprocess
> suffix
>
> redundant {
> ldap1
> ldap3
> ldap2
> ldap4
> }
That's the right one.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
To ensure you receive email from Trinity College into your inbox, please add @trinity-bris.ac.uk to your email safe list (also known as whitelist).
More information about the Freeradius-Users
mailing list