Ben Dowling <[EMAIL PROTECTED]> wrote:
> Sorry I was referring to the username, the CN in the certificate gets
> sent as the username. My problem is how to reject users with valid
> certificates, but no entry in the database?
doc/configurable_failover
configure a module "always reject" (see radiusd.conf)
In "authorize", do:
...
group {
sql {
notfound = 1
ok = return
fail = return
everything_else = return
}
reject
}
That says "if the user isn't found in SQL, reject"
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
