what is use of LDAP option!!!!

shantanu choudhary shantanu_843 at yahoo.co.in
Fri Aug 17 11:23:36 CEST 2007 

well i want to use database in place of user file.
now as i see one option is using mysql or using LDAP. Unfortunately i am biased towards LDAP as i have already created my database in it. Now as radiusd file says....
 However, LDAP can be used for authentication ONLY when the
        #  Access-Request packet contains a clear-text User-Password
        #  attribute.  LDAP authentication will NOT work for any other
        #  authentication method.
        #
        #  This means that LDAP servers don't understand EAP.  If you
        #  force "Auth-Type = LDAP", and then send the server a
        #  request containing EAP authentication, then authentication
        #  WILL NOT WORK.
        #
        #  The solution is to use the default configuration, which does
        #  work.
        #
        #  Setting "Auth-Type = LDAP" is ALMOST ALWAYS WRONG.  We
        #  really can't emphasize this enough.
        #  this is changed configuration!!! 
right now in authentication block i cant run this server if i remove this "Auth-Type", and your authentication block says....
Note that it does NOT mean 'try each module in order'.  It means
#  that a module from the 'authorize' section adds a configuration
#  attribute 'Auth-Type := FOO'.  That authentication type is then
#  used to pick the apropriate module from the list below.

and my problem starts here this radius server will come into picture only when i enable WPA in my AP and when i enable this i cant send user-password in clear text to server, but my sever which is configured for LDAP wont understand that "THEN WHY WE HAVE THIS OPTION???????"

again even on client side if you use wpa you have to mention eap type, for windows we dont have more then two options available PEAP and TTLS not even md5 and all so if they are configured for wpa they wont send password in clear text then also how will my server authenticate it using LDAP...

i am really confused from all this thing, it is not working out for me. Should i take mysql for this thing..
my username and password has a big list and i just want to use database for this connection now can anyone help me out!!!
thanks for taking pain

regards 
shantanu

       
---------------------------------
 Once upon a time there was 1 GB storage in your inbox. Click here for happy ending.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070817/c17cf8fb/attachment.html>

More information about the Freeradius-Users mailing list