"Roy, Daniel" <[EMAIL PROTECTED]> wrote:
> Great stuff Alan. Thank you. I deleted my entry in radgroupcheck in
> MySQL that had "Auth-Type :=3D Local", and now:
> 1) Valid user-names and passwords result in Access-Accept (as desired)
> 2) Invalid user-names (regardless of password) get proxied (as desired)
> Cool.
Sounds good to me.
> Now the only thing that the configurable failover isn't doing for me is
> in the authenticate stage, which I can't see how to do since the
> authenticate section in radiusd.conf doesn't support a configurable
> failover section, as far as I can tell.
Hmmm... it might. The code which handles configurable failover is
in src/main/mod*.c, and it doesn't know about the differences between
authorze{} or authenticate{}. So it should work.
e.g.
authenticate {
Auth-Type foo {
bar {
reject = 1
}
baz
}
}
> What I want to happen is that any failed authentication be proxied as
> well.
The above example may work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
