I'm a little new to freeradius.. Hmm.. I guess I made the assumption that a
user notfound would actually
imply no authorization ? That doesn't seem to be the case ?
So, I did the following...
authorize {
ldap1 {
notfound = reject
}
ldap2 (
notfound = reject
}
}
is this the correct way to do this ?
Thanks,
Robert
________________________________________
From: freeradius-users-bounces+robert.roll=utah....@lists.freeradius.org
[freeradius-users-bounces+robert.roll=utah....@lists.freeradius.org] On Behalf
Of Robert Roll [[email protected]]
Sent: Monday, March 21, 2011 4:23 PM
To: FreeRadius users mailing list
Subject: Behaviour of multiple sequenced authorization modules ?
I would like to have multiple authorization modules invoked and then reject if
ANY do NOT authorize ?
For instance..
authorize {
ldap1
ldap2
}
It appears if just one returns OK, then the subsequent authentication works.
BTW.. The subsequent authentication is actually a PEAP/MSCHAPV2... Therefore,
the ldap modules are ONLY used for authorization...
Is there somewhere that discusses the various options on how to control the
behaviour
when multiple authorization modules are involved ?
Thanks,
Robert
Robert Roll
Computer Professiona
University of Utah
[email protected]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
