Windows Authentication and Authorization via LDAP on FreeRadius v2.1.4 Configuration Help!!!

Michael Schwartzkopff misch at multinet.de
Tue Mar 24 20:24:29 CET 2009


On Tuesday, 24 March 2009 17:29:26, Edwin Isada wrote:
> Thanks for all the info; I missed reading the comments at the end of the
> radiusd.conf.  I uncommented the ldap portions of
> /usr/local/etc/raddb/sites-enabled.   My config in the modules section is
>
> ldap {
>                         server = "ciq-dc1.ciq.com"
>                         port = 636
>                         identity = "ciq\\radius"
>                         password = "password"
>                         basedn = "dc=ciq,dc=com"
>                         filter = "(&(objectCategory=user)(samaccountname=%{user-name})(memberOf=cn=MIS-Admins-All,OU=MIS Admin,DC=CIQ,DC=COM))"
>                         access_attr = "samAccountName"
>                         ldap_connections_number = 5
>                         timeout = 4
>                         timelimit = 3
>                         }
>
> However, I'm getting some errors when running in debug mode.  Here they
> are:
>
> /usr/local/etc/raddb/radiusd.conf[644]: Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory
> /usr/local/etc/raddb/sites-enabled/default[163]: Failed to find module "ldap".
> /usr/local/etc/raddb/sites-enabled/default[62]: Errors parsing authorize section.
>  }
> Errors initializing modules
>
> Am I missing something here...
>
> On Tue, Mar 24, 2009 at 11:08 AM, <tnt at kalik.net> wrote:
> > >Excuse me for my lack of knowledge with Linux and FreeRadius.  I hardly have
> > >any experience and I've been using version 1.1.3 for the past few weeks and
> > >had authentication working properly for Cisco devices.  I decided to install
> > >the latest version 2.1.4 and forgot to save all my configuration for 1.1.3.
> > >Hopefully I'll learn my lesson next time =)  The radiusd.conf file from what
> > >I recall looks totally different.  I inserted my ldap information in the
> > >modules section, but running the basic debug I'm seeing an error "No
> > >authenticate method (Auth-Type)".  Even running the recommended radtest it's
> > >failing in reviewing the debug.  I believe I'm missing authenticate config.
> > >If so do I need to modify another file or add it to radiusd.conf?  I'm a
> > >little lost here if someone can point me in the right direction and hopefully I
> > >can proceed with getting authorization working afterwards.
> >
> > Did you read the comments at the end of radiusd.conf? It does say that
> > authorize, authenticate and other sections are now in virtual servers.
> > Look up default virtual server and enable ldap in there.
> >
> > Ivan Kalik
> > Kalik Informatika ISP

If you want to authenticate against AD read:
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO

-- 
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Address: Bretonischer Ring 7; 85630 Grasbrunn; Germany
Tel: +49 - 89 - 45 69 11 0
Fax: +49 - 89 - 45 69 11 21
mob: +49 - 174 - 343 28 75

mail: misch at multinet.de
web: www.multinet.de

Registered office: 85630 Grasbrunn
Register court: Amtsgericht München HRB 114375
Managing directors: Günter Jurgeneit, Hubert Martens

---

PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42
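
Added example, not part of the original messages and not FreeRADIUS code: a shell sketch that picks the root-cause line out of `radiusd -X` output like the log quoted in this thread and checks whether the named module's shared object is installed. The function names are hypothetical, and the module directory `/usr/local/lib` is an assumption based on the `/usr/local` install prefix seen in the log paths.

```shell
#!/bin/sh
# Added example (hypothetical helper names): triage a failed module load.

# Debug output quoted in the thread above, with the wrapped lines re-joined.
SAMPLE_LOG="/usr/local/etc/raddb/radiusd.conf[644]: Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory
/usr/local/etc/raddb/sites-enabled/default[163]: Failed to find module \"ldap\".
/usr/local/etc/raddb/sites-enabled/default[62]: Errors parsing authorize section."

# Read debug output on stdin and print each module the server could not load.
# Only "Failed to link to module" lines name a root cause; the later
# "Failed to find module" and "Errors parsing" lines are follow-on errors.
failed_modules() {
    sed -n "s/.*Failed to link to module '\([^']*\)'.*/\1/p" | sort -u
}

# $1 = module directory (assumption: /usr/local/lib for a /usr/local prefix)
# $2 = module name as printed in the log, e.g. rlm_ldap
module_status() {
    if [ -f "$1/$2.so" ]; then
        # File exists: check the runtime linker path and the module's own
        # library dependencies next.
        echo "present"
    else
        # Module was never built or installed, commonly because the LDAP
        # client development files were absent when the server was configured.
        echo "not-installed"
    fi
}

# $1 = module directory; debug output on stdin.
diagnose() {
    failed_modules | while read -r mod; do
        echo "$mod: $(module_status "$1" "$mod")"
    done
}

# Demo run against the sample log.
printf '%s\n' "$SAMPLE_LOG" | diagnose "${MODULE_DIR:-/usr/local/lib}"
```

On a live system, pipe the output of `radiusd -X` into `diagnose` instead of the sample log, and set `MODULE_DIR` to the `libdir` value from radiusd.conf.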



