Thanks for all the info and missed reading the comments at the end of the radiusd.conf. I uncommented out the ldap portions of /usr/local/etc/raddb/sites-enabled. My config in modules section is
ldap {
server = "ciq-dc1.ciq.com"
port = 636
identity = "ciq\\radius"
password = "password"
basedn = "dc=ciq,dc=com"
filter = "(&(objectCategory=user)(samaccountname=%{user-name})(memberOf=cn=MIS-Admins-All,OU=MIS Admin,DC=CIQ,DC=COM))"
access_attr = "samAccountName"
ldap_connections_number = 5
timeout = 4
timelimit = 3
}
However, I'm getting some errors when running in debug mode. Here they are:
/usr/local/etc/raddb/radiusd.conf[644]: Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or dire
ctory
/usr/local/etc/raddb/sites-enabled/default[163]: Failed to find module "ldap".
/usr/local/etc/raddb/sites-enabled/default[62]: Errors parsing authorize section.
}
Errors initializing modules
Am I missing something here...
>Excuse me for my lack of knowledge with Linux and FreeRadius. I hardly haveDid you read the comments at the end of radiusd.conf? It does say that
>any experience and I've been using version 1.1.3 for the past few weeks and
>had authentication working properly for Cisco devices. I decided to install
>the latest version 2.1.4 and forgot to save all my configuration for 1.1.3.
>Hopefully I'll learn my lesson next time =) The radiusd.conf file from what
>I recall looks totally different. I inserted my ldap information in the
>modules section, but running the basic debug I'm seeing an error "No
>authenticate method (Auth-Type). Even running the recommended radtest it's
>failing in reviewing the debug. I believe I'm missing authenticate config.
>If so do I need to modify another file or add it to radiusd.conf? I'm a
>little lost here if someone can point me the right direction and hopefully I
>can proceed with getting authorization working afterwards.
authorize, authenticate and other sections are now in virtual servers.
Look up default virtual server and enable ldap in there.
Ivan Kalik
Kalik Informatika ISP