FR3.0 and LDAP

Maja Wolniewicz mgw at umk.pl
Mon Aug 12 22:47:16 CEST 2013


W dniu 12.08.2013 21:36, Alan DeKok pisze:
> Maja Wolniewicz wrote:
>> In FR3.0 the Auth-Type=LDAP isn't set in the rlm_ldap module, the
>> authorize section ends with Auth-Type=PAP, so authentication goes to the
>> PAP module.
>    That's what's supposed to happen when you use LDAP as a database.
Is there a way to decide which attribute is used in the PAP module?
I have in the ldap module config
update {
                 control:NT-Password            := 'ntPassword'
                 control:Password-With-Header    := 'userPassword'
}
and the PAP module uses NT encryption.
when I remove control:NT-Password line then CRYPT password is used
I would like the PAP module to use userPassword, I need ntPassword in 
the ldap module for PEAP authentication.

Maja
>
>> I can't find a place in the FR3.0 source, where Auth-Type=LDAP is set -
>> in a few comments it is mentioned that such a setting  happens
>> automatically.
>> Am I missing something?
>    Nope.  You're supposed to let LDAP be a database, and FreeRADIUS be an
> authentication server.
>
>    Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html


-- 
Maja Gorecka-Wolniewicz              mgw at umk.pl
Uczelniane Centrum                   Information  &  Communication
Informatyczne                        Technology Centre
Uniwersytet Mikolaja Kopernika       Nicolaus Copernicus University
Coll. Maximum, pl. Rapackiego 1, 87-100 Torun, Poland
tel.: +48 56-611-27-40 fax: +48 56-622-18-50 tel. kom.: +48-693032574


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3393 bytes
Desc: Kryptograficzna sygnatura S/MIME
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20130812/1fc02493/attachment-0001.bin>


More information about the Freeradius-Devel mailing list