Sean McNamara wrote: > I'm working on finding a way to define multiple local realms and have > each have a unique ldap profile associated with them. We want one > associated with a particular realm, and the other to be the > catchall/default case. In addition to this, we're also using EAP/TTLS, > which may or not complicate the situation.. After googling a bit, I was > under the impression that something along the following lines should work: > Here are the relevant parts of the the files I modified: ... > in dictionary:
Please don't edit the dictionaries. The VALUEs you defined are already defined as something else. And the server will automatically create the relevant values for you, so there's no need to edit the dictionaries. > in users: > DEFAULT Domain == "VLS", Autz-Type := VLS There is no "Domain" attribute. You mean "Realm". > When I attempt to authenticate, regardless of whether I specify a realm > or not, it only checks the vuldap servers. Any suggestions would be > greatly appreciated! If you run the server in debugging mode, you will see that your current configuration does *not* match the entry in the "users" file that you have. Make the changes I suggest, and it should work. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html