Hello, > On 10 May 2016, at 21:58, John Goubeaux <goube...@education.ucsb.edu> wrote: > > So, the question is CAN I insert another <AuthBy FILE> method after > <AuthBy LDAP2> and will this work as I want IF the user is not in the > LDAP Directory, eg IF LDAP fail;s will it drop down to the next > <AuthBy> statement ? OR do I need to add another <AuthBy GROUP> all > together in order for this to work ? >
if a user can not be found from LDAP, AuthBy LDAP2 returns REJECT and if LDAP connection fails, it will return IGNORE, so you could do it like <AuthBy GROUP> AuthByPolicy ContinueUntilReject <AuthBy FILE> Identifier MAC-Blacklist ... Blacklist </AuthBy> <AuthBy FILE> Identifier User-Blacklist ... Blacklist </AuthBy> <AuthBy GROUP> AuthByPolicy ContinueUntilAcceptOrChallenge <AuthBy LDAP2> Identifier LDAP-Users ... </AuthBy> <AuthBy FILE> Identifier Local-Users ... </AuthBy> </AuthBy> </AuthBy> Please see Radiator reference manual (http://www.open.com.au/radiator/ref.pdf) section "5.27.1 AuthByPolicy" for different policies. BR -- Tuure Vartiainen <varti...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator