Yes, but your samba is using the ldap<div><br></div><div>[]'s<br clear="all">--<br>Vinicius Teixeira Coelho<br><br>Registered Linux User #469313<br>The Ubuntu Counter Project - user number # 21463<br>
<br><br><div class="gmail_quote">On Fri, Feb 11, 2011 at 4:35 PM, Gary Gatten <span dir="ltr"><<a href="mailto:Ggatten@waddell.com">Ggatten@waddell.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div lang="EN-US" link="blue" vlink="blue">
<div>
<p class="MsoNormal"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black">Yeah, but that’s SAMBA – not LDAP.
</span></font><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">(Added</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">"</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">Password</span><span title="Clique para mostrar traduções alternativas">-With</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">-</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">Header</span> <span title="Clique para mostrar traduções alternativas"></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">==</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">userPassword</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">"</span> <span title="Clique para mostrar traduções alternativas"></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">to</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">raddb</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">/</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">ldap.attrmap</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas">) sounds interesting!</span></span></font></span><font color="black"><span style="color:black"></span></font></p>
<p class="MsoNormal"><font size="3" color="black" face="Times New Roman"><span style="font-size:12.0pt;color:black"> </span></font></p>
<div>
<div class="MsoNormal" align="center" style="text-align:center"><font size="3" face="Times New Roman"><span style="font-size:12.0pt">
<hr size="2" width="100%" align="center">
</span></font></div>
<p class="MsoNormal"><b><font size="2" face="Tahoma"><span style="font-size:10.0pt;font-family:Tahoma;font-weight:bold">From:</span></font></b><font size="2" face="Tahoma"><span style="font-size:10.0pt;font-family:Tahoma">
freeradius-users-bounces+ggatten=<a href="http://waddell.com" target="_blank">waddell.com</a>@<a href="http://lists.freeradius.org" target="_blank">lists.freeradius.org</a>
[mailto:<a href="mailto:freeradius-users-bounces%2Bggatten" target="_blank">freeradius-users-bounces+ggatten</a>=<a href="http://waddell.com" target="_blank">waddell.com</a>@<a href="http://lists.freeradius.org" target="_blank">lists.freeradius.org</a>] <b><span style="font-weight:bold">On Behalf Of </span></b>Vinicius Teixeira Coelho<br>
<b><span style="font-weight:bold">Sent:</span></b> Friday, February 11, 2011
12:09 PM</span></font></p><font size="2" face="Tahoma"><div class="im"><br>
<b><span style="font-weight:bold">To:</span></b> FreeRadius users mailing list<br>
</div><b><span style="font-weight:bold">Subject:</span></b> Re: Freeradius + LDAP for
WPA-Enterprise</font><p></p>
</div><div><div></div><div class="h5">
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size:12.0pt"> </span></font></p>
<div>
<p class="MsoNormal"><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">Hello</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">,</span> <span title="Clique para mostrar traduções alternativas"></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">I</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">'m trying</span> <span title="Clique para mostrar traduções alternativas"></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">to do</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">the same</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">thing</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">, I</span> <span title="Clique para mostrar traduções alternativas"></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">know I</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">have to</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">use</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">winbind</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">and</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">samba</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">to get</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">it,</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">but</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">in</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">reading</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">the</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">news</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">I found this</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">freeradius</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">2.1</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">Added</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">"</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">Password</span><span title="Clique para mostrar traduções alternativas">-With</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">-</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">Header</span> <span title="Clique para mostrar traduções alternativas"></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">==</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">userPassword</span></font></span><span title="Clique para mostrar traduções alternativas"></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">"</span> <span title="Clique para mostrar traduções alternativas"></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">to</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">raddb</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">/</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">ldap.attrmap</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">This</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">Will</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">automatically</span><span title="Clique para mostrar traduções alternativas">convert</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">more</span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"> <span title="Clique para mostrar traduções alternativas"></span></span></font></span><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">passwords</span></font></span></p>
</div>
<div>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size:12.0pt"> </span></font></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial">[]'s</span></font></span><font size="4" face="Arial"><span style="font-size:13.5pt;font-family:Arial"><br clear="all">
</span></font>--<br>
Vinicius Teixeira Coelho<br>
<br>
Registered Linux User #469313<br>
The Ubuntu Counter Project - user number # 21463<br>
<br>
</p>
<div>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size:12.0pt">On Fri, Feb 11, 2011 at 3:37 PM, Gary Gatten <<a href="mailto:Ggatten@waddell.com" target="_blank">Ggatten@waddell.com</a>> wrote:</span></font></p>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size:12.0pt">I'm barely a novice with FR, so take this with a grain of salt:<br>
<br>
You forced ALL Authentication requests to use LDAP. EAP / LDAP don't play
well together. Remove the "Auth Type LDAP" - for now.<br>
<br>
You almost "never" want to set the Auth-Type directly, FR figures it
out from the request. For testing and troubleshooting it's OK, and if you
really know what the consequences are its OK, but generally speaking don't set
the auth type.<br>
<br>
As for accomplishing your goal, unfortunately others will have to help you with
that - I don't know FR/LDAP/EAP well enough. But, I don't THINK you can
authenticate EAP requests against LDAP directly because of the "no clear
text password" issue.<br>
<br>
Gary</span></font></p>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><font size="3" face="Times New Roman"><span style="font-size:12.0pt"><br>
<br>
-----Original Message-----<br>
From: freeradius-users-bounces+ggatten=<a href="http://waddell.com" target="_blank">waddell.com</a>@<a href="http://lists.freeradius.org" target="_blank">lists.freeradius.org</a> [mailto:<a href="mailto:freeradius-users-bounces%2Bggatten" target="_blank">freeradius-users-bounces+ggatten</a>=<a href="http://waddell.com" target="_blank">waddell.com</a>@<a href="http://lists.freeradius.org" target="_blank">lists.freeradius.org</a>] On
Behalf Of Max Schröder<br>
Sent: Friday, February 11, 2011 11:06 AM<br>
To: <a href="mailto:freeradius-users@lists.freeradius.org" target="_blank">freeradius-users@lists.freeradius.org</a><br>
Subject: Freeradius + LDAP for WPA-Enterprise<br>
<br>
Hello to all,<br>
<br>
I would like to use Freeradius to authenticate my wireless network using<br>
OpenWRT and Freeradius + LDAP. What I've done:<br>
<br>
First Authenticated Users in WLan using EAP-TTLS and files in<br>
Freeradius. WORKED! Then I've configured ldap-Modul + added "ldap" in<br>
the authorize- and "Auth-Type LDAP { ldap }" in the<br>
authenticate-section. The test via radtest succeeded.<br>
<br>
But now the authentication using OpenWRT (EAP-TTLS) like the first try<br>
with files - now with ldap did not work. I do noticed the following comment<br>
<br>
# Note that this means "check plain-text password against<br>
# the ldap database", which means that EAP won't work,<br>
# as it does not supply a plain-text password.<br>
Auth-Type LDAP { ldap }<br>
<br>
but I don't know what to change that it worked like my first try with<br>
the difference the users are in LDAP instead of a file.<br>
<br>
Hope to get any hints<br>
<br>
Best regards.<br>
MS<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
<br>
<br>
<br>
<br>
</span></font></p>
</div>
</div>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size:12.0pt"><font size="1"><br>
<div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in
0in 1.0pt 0in'><br>
</div><br>
"This email is intended to be reviewed by only the intended recipient<br>
and may contain information that is privileged and/or confidential.<br>
If you are not the intended recipient, you are hereby notified that<br>
any review, use, dissemination, disclosure or copying of this email<br>
and its attachments, if any, is strictly prohibited. If you have<br>
received this email in error, please immediately notify the sender by<br>
return email and delete this email from your system."<br>
</font></span></font></p>
<div>
<div>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size:12.0pt"><br>
<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a></span></font></p>
</div>
</div>
</div>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size:12.0pt"> </span></font></p>
</div>
</div></div></div><div><div></div><div class="h5">
<font size="1">
<div style="border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in">
</div>
"This email is intended to be reviewed by only the intended recipient
and may contain information that is privileged and/or confidential.
If you are not the intended recipient, you are hereby notified that
any review, use, dissemination, disclosure or copying of this email
and its attachments, if any, is strictly prohibited. If you have
received this email in error, please immediately notify the sender by
return email and delete this email from your system."
</font>
</div></div></div>
<br>-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br></blockquote></div><br></div>