Autz-Type examples and parse error
Alan DeKok
aland at deployingradius.com
Tue Oct 12 21:48:55 CEST 2010
Harry Hoffman wrote:
> I'm following along with the docs for Autz-Type in freeradius-2.1.8,
> specifically the section about selecting between multiple instances of a
> module.
In 2.x, there are better ways to do this. See "man unlang" for
conditionally calling a module.
> In users.conf I have:
> DEFAULT Realm == "siteone.edu", Autz-Type := siteone_ldap, Auth-Type :=
> siteone_ldap
Please don't say "users.conf". It's the "users" file.
The issue is that 2.x has the "inner-tunnel" virtual server, and the
documentation is left over from 1.1.x. The solution is instead to *not*
use the "users" file. Instead, do:
authorize {
...
if (Realm == "siteone.edu") {
siteone_ldap
}
...
}
This will *also* have it automatically set "Auth-Type" to
siteone_ldap, too. That's simpler than the "users" file entry, and
gives less room for mistakes.
Alan DeKok.
More information about the Freeradius-Users
mailing list