In Doc: imply a group that changes the default ACTIONs to something like
fail = 1 everythingelse = return Tried in config: everythingelse = return radiusd.conf[1637] Unknown module rcode 'everythingelse'. Also tried: everything_else = return radiusd.conf[1637] Unknown module rcode 'everything_else'. Any ideas? -- Jonathan De Graeve Network/System Administrator Imelda vzw Informatica Dienst 015/50.52.98 [EMAIL PROTECTED] --------- Always read the manual for the correct way to do things because the number of incorrect ways to do things is almost infinite --------- -----Oorspronkelijk bericht----- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Ben Dowling Verzonden: dinsdag 27 september 2005 22:42 Aan: FreeRadius users mailing list Onderwerp: Re: EAP-TLS reject if CN not in MySQL Brilliant, that does the trick. Thanks a lot, Ben On Tue, 2005-09-27 at 16:05 -0400, Alan DeKok wrote: > Ben Dowling <[EMAIL PROTECTED]> wrote: > > Sorry I was referring to the username, the CN in the certificate gets > > sent as the username. My problem is how to reject users with valid > > certificates, but no entry in the database? > > doc/configurable_failover > > configure a module "always reject" (see radiusd.conf) > > In "authorize", do: > > ... > group { > sql { > notfound = 1 > ok = return > fail = return > everything_else = return > } > reject > } > > That says "if the user isn't found in SQL, reject" > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
