Hi Julien, I'd solve it by having two configurations, one for the static and one for the dynamic address assignment. The order is irrelevant, I'd put the one that's matching more often first. Configure the AuthByPolicy of the Handler to ContinueUntilAccept so both cases are checked until one returns accept.
So the static case is the easier one, just one AuthBy LDAP2 (note the case of AuthBy, you have it wrong in your original email) with a SearchFilter on Service-Type != DHCP (or Service-Type = Static or whatever value it has in your LDAP directory). The dynamic case has the two AuthBy's (LDAP2 and DYNADDRESS) in an AuthBy GROUP with AuthByPolicy set to ContinueWhileAccept. Best regards, Alex On 2016-07-01 18:20, Julien CAVOIZY wrote: Hello, I am building a new authentication model for a new telco operator and I have a problem : In the same Handler, I want to authenticate on a <Authby LDAP2> and only if I get an attribute « service-type = DHCP » in the LDAP response it should go to a second <AuthBy DYNADDRESS> to allocate a dynamic IP. I need that to do static IP allocation and fallback if not available to dynamic IP allocation. How would you handle this with radiator ? Thank you Julien _______________________________________________ radiator mailing list radiator@open.com.au<mailto:radiator@open.com.au> http://www.open.com.au/mailman/listinfo/radiator *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien Handelsgericht Wien, FN 79340b *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* Notice: This e-mail contains information that is confidential and may be privileged. If you are not the intended recipient, please notify the sender and then delete this e-mail immediately. *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
_______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
