Help: FreeRadius Users with multiple passwords
jdennis at redhat.com
Fri Nov 18 16:31:01 CET 2011
On 11/18/2011 06:20 AM, Duong Manh Truong wrote:
> Thanks for your reply :)
> I have a better news that: By using OpenLDAP for FR Authen & Authorization
> => I can configure multiple passwords for each user (Uid)
> and use 1 of those passwords for successfully Authentication!
> Although it is done manually now, but somehow it solves the matter !
> If anyone have experienced this, please give some advices !
> Example: How to do it automatically or
> How to create a pool of passwords then use the pool for multiple users :)
Not exactly sure what you did, ldap does have the concept of
multi-valued attributes but that won't be of any use to you even if you
set multiple values for one attribute type (e.g. name). Why? The radius
server can only use one password for a user, not exactly sure what it
will do if it get more than one back from ldap, I assume it just picks
the first one (where first is probably non-deterministic).
The bottom line is there must be a one-to-one mapping between users and
passwords. User's should have just one password, this is good practice.
If you want to write custom code you can bypass the limitation but
really really don't want to do that.
Accept it as a given, 1 user, 1 password
Also please be courteous and trim your emails of non-relevant text.
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
More information about the Freeradius-Users