Hi Rich,

On Apr 16,  3:03pm, Richard Hawley wrote:
> Subject: (RADIATOR) Authentication with multiple RADIUS servers
> We have an old Steel-Belted radius server.  Our radiator server is just
> now going into full production use.  I have it configured now with a
> ContinueUntilAccept clause, however, this is getting around the
> Simultaneous-Use checking.  The concern is that not every user was added
> to the SQL database from the old NT database.  If I change radius.cfg to
> be ContinueUntilReject, anyone who is not in the SQL database will be
> rejected.  Is there a way to avoid this?  I know if the user is not in
> the database, it will automatically reject.  Obviously I do not want to
> set it so it automatically accepts anyone not in the database.  I want
> it to pass the request to AuthBy RADIUS if the user does not exist in
> the SQL database.  Thanks.

You should do something like this:

<Realm xxxx>
        AuthByPolicy ContinueWhileReject
        <AuthBy SQL>
                blah blah blah
        </AuthBy>
        <AuthBy RADIUS>
                blah blah blah
        </AuthBy>
</Realm>

So, if they are in the SQL database, auths will accept without going to the
proxy. If they are not in SQL, auths will go to the proxy. Accoutning will
always be handled by SQL, and will never go to the proxy.

The sim-use checking should continue to work fine, counting peoples sessions
regardless of which method authenticated them.

Hope that helps.

Cheers.

-- 
Mike McCauley                               [EMAIL PROTECTED]
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, external, etc etc on Unix, Win95/8, NT, Rhapsody
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to