Michael Check <[EMAIL PROTECTED]> wrote: > So debugging shows that the authorize section works as expected, but, also > as expected, it tries to authenticate off the _first_ LDAP server only and > fails.
Because that's what you told it to do. > authenticate { > # Uncomment it if you want to use ldap for authentication > authtype LDAP { > ldap1 > ldap2 > } You've put BOTH ldap modules into one group. Why? > How can we get freeRADIUS to know that we're authenticating off the _second_ > LDAP server? Put the ldap modules into different authtype groups: LDAP1 and LDAP2, and then set Auth-Type to one of LDAP1 or LDAP2. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html