Norbert Wegener <[EMAIL PROTECTED]> wrote:
authenticate {
#ldap1
group {
ldap1 {
You can't use anonymous groups in the "authenticate" section. You
have to explicitely use "Auth-Type", and give it a name. This is
because only ONE auth-type is run from that section. So if you had an
anonymous group, it would never get run, because you could never
reference it by name.
Alan DeKok.
Say you had two ldap instances.
authorize {
redundant {
ldap1
ldap2
}
}
authenticate {
ldap1
ldap2
}
Say you had 4 ldap instances. Two for dial users and two for isdn users.
They point to the same servers, but with different configurations.
authorize {
Autz-Type dial {
redundant {
ldap_dial1
ldap_dial2
}
}
Autz-Type isdn {
redundant {
ldap_isdn1
ldap_isdn2
}
}
}
authenticate {
Auth-Type dial {
ldap_dial1
ldap_dial2
}
Auth-Type adsl {
ldap_isdn1
ldap_isdn2
}
}
In that case, you would need to declare these somewhere, such as the users
file.
DEFAULT NAS-Port-Type == Async, Autz-Type := dial, Auth-Type := dial
DEFAULT NAS-Port-Type == ISDN, Autz-Type := isdn, Auth-Type := isdn
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
