rlm_ldap + bind as user authentication

Stefan Paetow Stefan.Paetow at ja.net
Thu Jul 17 18:37:11 CEST 2014


Hi,

I'm trying to use FreeRADIUS with an LDAP oracle (to be precise, an OpenLDAP instance that uses SASL authentication). From what I understand, this should happen with a single-user bind to the OpenLDAP server... Since it's supposed to use a bind, I'm not retrieving the password, which at this point explains the 'no Auth-Type found'.

Since Arran mentioned a while ago that binding with LDAP is a lot easier these days, is it correct that I use the following in my authorize section (after PAP):

update control {
        #  Only set the Auth-Type if it hasn't been set
        Auth-Type = LDAP
}

And then in the 'authenticate' section I use the below to enable binding?

Auth-Type LDAP {
        ldap
}

If that's all (plus the user search in .../mods-available/ldap), that's grand :-)

Arran, can you confirm?

Stefan


