I would (expect/hope) both would run unless there is a
(fallthrough = no) explicit or implied.
> users that dial into a number ending in 195 get the
> correct Auth-Type &
> Autz-Type, as do other calls that need to auth off of
> LDAP1. Problem is,
> when I have the LDAP2 instances in authorize {}
> authenticate {}, users
> authing off of LDAP1 do not get the correct group
> attributes per the group
> lookup in module instance ldap1. when radiusd is in
> debug mode, it shows
> the LDAP1 users going through both the ldap1 and ldap2
> module instances..
>
> Am I right in thinking it should only go through one
> or the other when
> Auth-Type is set as such?
>
> -Mike
>
>
> #radiusd.conf
> ---------------------------------------------
> modules {
> ldap ldap1 {
> ...............
> }
>
> ldap ldap2 {
> ...............
> }
> }
>
> authorize {
> Autz-Type LDAP1 {
> ldap1
> }
>
> Autz-Type LDAP2 {
> ldap2
> }
> }
>
> authenticate {
> Auth-Type LDAP1 {
> ldap1
> }
>
> Auth-Type LDAP2 {
> ldap2
> }
> }
>
> ---------------------------------------------
>
> # users
> ---------------------------------------------
> DEFAULT Called-Station-Id =~ "195$", Auth-Type :=
> LDAP2, Autz-Type :=
> LDAP2
> ............etc
>
> DEFAULT Auth-Type := LDAP1, Autz-Type := LDAP1
> Fall-Through = Yes
>
> DEFAULT Auth-Type := LDAP1, Autz-Type := LDAP1,
> Ldap-Group == "dial1"
> .......etc
>
> DEFAULT Auth-Type := LDAP1, Autz-Type := LDAP1,
> Ldap-Group == "dial2"
> ........etc
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
