802.1x+EAP+LDAP

Arjuna Scagnetto arjuna at ts.infn.it
Thu Jun 28 12:15:17 CEST 2007


i have a configuration that works.

Using 802.1x Eap-ttls (pap) and a OpenLdap for user authentication.
It works.

But this lines inside radius.conf make me confused.

  # Uncomment it if you want to use ldap for authentication
         #
         # Note that this means "check plain-text password against
         # the ldap database", which means that EAP won't work,
         # as it does not supply a plain-text password.

in my radius.conf the following lines ,in section authorize, are uncommented

        Auth-Type LDAP {
                ldap
        }

and in section authentication ldap option is uncommented.

if i comment the ldap options in authorize section doesn't work, and the 
same if i comment the ldap option in authenticate section.
No radius schema installed on openldap. Using ldap.attr in radius.

Can someone help me understand why it works even if it shouldn't?

Thanks for answering
Arjuna Scagnetto



More information about the Freeradius-Users mailing list