Concatenation of authentication

Jérôme MATER jmater at protego.net
Wed May 7 17:34:09 CEST 2014


Hi Alan,

Thanks for your answer.

There 4000 users! And the priority is the authentication with token.
SQL database should be use only if  a user loses his token.

The solution would be to have 2 freeradius, one for token authentication 
and the other one for SQL database ?

Regards,
Jérôme

Le 07/05/2014 13:14, Alan DeKok a écrit :
> Jérôme MATER wrote:
>> I have made both configurations and it works separately. However, the
>> goal is :
>>
>> 1) I want to authenticate users with Windows Radius server and
>> authentication with token
>> 2) If authentication 1 failed, then user tries to connect on the SQL
>> database automatically.
>    That's not really how RADIUS works.  If the user is rejected, you
> can't turn that into an accept.
>
>> I've tried with post-auth section, post-proxy section...
>>
>> Is it possible ? How can I do that.
>    You can't.
>
>    Instead, determine which users should use SQL, and which users should
> authenticate via the Windows RADIUS server.  Then, make them do that.
>
>    Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140507/397f7591/attachment.html>


More information about the Freeradius-Users mailing list