Radius and LDAP permissions

Sven Hartge sven at svenhartge.de
Wed Sep 30 10:46:01 CEST 2020


On 30.09.20 09:04, lingctam wrote:

> Currently, my radius server is configured to use ldap. Would there be an issue if the radius and ldap daemons are ran with a different id group?
> 
> Radius:  ran by user (w/o root privilege)
> LDAP: ran by root
> 
> If this would cause an issue, what would resolve the issue of radius requests not being able to go through the ldap server?

Your LDAP server should also not run as root.

Besides that: Unless you access your LDAP server via a UNIX socket but
via TCP, it does not matter which user the client or the server run under.

Grüße,
Sven.


More information about the Freeradius-Users mailing list