Eric Martell wrote:
> I am trying to do ldap query lookup in the authorize
> section and after successful authorization ( if ldap
> entry exists on search query) ....reply with
> Access-Accept if not reject.

So... you're not authenticating anyone?

> I do not want to do authentication in LDAP as we are
> not storing "userPassword" attribute in ldap schema.

How will users be authenticated?

> So in a way trying to do..
>
> if(ldap search success) {
>     Access-Accept
> } else {
>     Access-Reject
> }

Try this:

    authorize {
        ...
        ldap {
            notfound = reject
        }
        files
    }

And have the "users" file:

    DEFAULT Auth-Type := Accept

Of course, in 2.0, you can use "unlang" to write a rule that looks pretty much like your pseudo-code above.

Alan DeKok.