Nicholas Hall wrote:
> *My Goal*: PAP on legacy port 1645, CHAP on 1812 working simultaneously.
All you need to do is to configure two "listen" sections. This can be
done in 1.1.7. You don't need two virtual servers.
The problem is that my PAP users are in a different location in LDAP. This is why I created two more instances of the LDAP module pointing to a different basedn.
> *My Environment*: FreeRADIUS 2.0.0-pre2, LDAP user database, MySQL
> Accounting.
Please don't use -pre2. I'll be removing it from the web site soon,
as we plan on releasing 2.0.0 within a *very* short while.
i.e. grab a
copy of the source from CVS, and use that.
I'm actually running a CVS snapshot from a while back. It seems to be working fine -- my plan was to continue running it until 2.0.0 is released.
> *Problem*: I'm running a virtual host for each AUTH port. Each works
> fine when placed in sites-enabled individually but my CHAP virtualhost
> fails when both are enabled. The vhost listening on 1812 appears to be
> referencing an LDAP module that is not listed in it's server{ ... }
> block. You will see "ou=Dialup" in the debugging output below of a CHAP
> request to 1812 that is only contained in the legacy PAP vhost. Any
> ideas are appreciated!!
Please read the *entire* debug log. It's not just doing an LDAP query
at random. It's doing an LDAP query because you're using the LDAP-Group
attribute in line 16 of the "users" file.
If you don't want a virtual server to do LDAP lookups, don't configure
it to use the LDAP-Group attribute.
Thanks. Things are working after removing the LDAP-Group attribute. I'm not 100% sure why but for now I'm not going to worry about it!