FreeRadius/eDirectory/802.1X authentication issue

Matt Causey matt.causey at gmail.com
Thu Jun 12 09:40:53 CEST 2008


>See why I say I don't know a whole lot about how all this works?? :)  So
>it sounds like I don't even need LDAP, but it's helpful for at least

I know it is possible to use EAP-TLS, and then use some attribute from the
certificate and query LDAP about it.  If that's the case in your
configuration, you should be able to see that from the config files in your
$raddb directory.  You can post the config if you have questions.

Matt

On Wed, Jun 11, 2008 at 6:44 PM, Newall, Bryce <bnewall at powayusd.com> wrote:

>
> > -----Original Message-----
> > From:
> freeradius-users-bounces+bnewall=powayusd.com at lists.freeradius.org
> > [mailto:freeradius-users-
> > bounces+bnewall=powayusd.com at lists.freeradius.org] On Behalf Of Alan
> DeKok
> > Sent: Wednesday, June 11, 2008 10:30 AM
> > To: FreeRadius users mailing list
> > Subject: Re: FreeRadius/eDirectory/802.1X authentication issue
> >
> > >  We need to have FreeRADIUS speak LDAP
> > > with Novell eDirectory, and be able to authenticate wireless clients
> > > using EAP-TLS (or even EAP-TTLS, but we're using TLS right now).
> >
> >   Er... EAP-TLS means that it won't normally do user lookups in LDAP.
>
> See why I say I don't know a whole lot about how all this works?? :)  So
> it sounds like I don't even need LDAP, but it's helpful for at least
> testing the RADIUS configuration with a program like NTRadPing to make
> sure it's working correctly before jumping into the EAP-TLS setup.
>
> >   And you should ugprade to 2.0.5.  It makes 1.1.0 look as bad as IAS.
>
> SLES 10 SP2 still ships with FreeRADIUS 1.1.0.  Go figure.  Any
> suggestions as to where to find some good HOWTO docs?  I went through
> the FreeRADIUS Wiki, but it wasn't very complete.
>
> Thanks!
>
> Bryce Newall
> Systems Administrator
> Poway Unified School District
> (858) 679-2576
> bnewall at powayusd.com
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080612/c1d349a9/attachment.html>


More information about the Freeradius-Users mailing list