How do I have one Freeradius server hosting multiple ldap instances and associate each SSID with particular LDAP instance to authenticate

Ziggy Bopster ziggybopster at gmail.com
Thu Sep 23 17:21:41 CEST 2010


Hi Phil,

Let me look into the docs and see if I can get something setup..

If I had one SSID and wanted multiple LDAP servers & search bases behind it,
should I use Option#1.. (i.e. User selects SSID Secure.. If user is not
found in LDAP search base #1, look for user in LDAP search base #2, if not
found in LDAP search base #3, look for it in #4 and etc..

Doreen

On Thu, Sep 23, 2010 at 7:47 AM, Phil Mayers <p.mayers at imperial.ac.uk>wrote:

> On 23/09/10 15:08, Ziggy Bopster wrote:
>
>> Hi Phil,
>>
>> Thank you so much for responding with your recommendations.. The Ldap
>> config varies only by Server IP, Base DN and password.. If I use option
>>
>
> If the bind DN passwords are different, you probably can't use this option.
> You'll probably need >1 ldap module.
>
>
>  #2, how does Free Radius know which OU to plug in when authorizing
>> users?  Does that mean users have to enter their fully qualified login
>> name ?
>>
>
> Have you read docs/rlm_ldap?
>
>
>
>> Maybe Option #1 is good if I check for Calling Station ID in the "if"
>> statement in the authorize section?
>>
>
> Yes, I think that's your best option.
>
>
>
>> Thank you for your patience again with my questions.. I wasn't sure what
>> to call what I am trying to do, so couldn't find exact documentation on
>> it.. Do you have a link where I can find out more info on how to do
>> this?  THANK YOU SOOO MUCH.
>>
>
> FreeRadius basically passes each request through a series of modules. You
> can control the flow through these modules in various ways.
>
> See "man unlang" for the basic documentation.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100923/92e25a25/attachment.html>


More information about the Freeradius-Users mailing list