On 10/26/2010 03:59 AM, midnightsteel wrote:
Has anyone gotten Freeradius 2.x and LDAP (OpenLDAP, FDS, etc...) to properly authenticate users?
I get the following in my radius log
Auth: Login incorrect: [wii/<via Auth-Type = EAP>] (from client access port 0 via TLS tunnel) Auth: Login incorrect: [wii/<via Auth-Type = EAP>] (from client access port 14 cli 78e400881f19)
This is driving me crazy. I can authenticate users from the radius serve to ldap but not from the access point to radius to ldap
If anyone has gotten it to work please post the example config files that you used. Im open to answer any questions that you may have about my configs.
Access point using WPA2-Enterprise>> Freeradius 2.x>> 389-DS(Fedora LDAP)
Yes, people have used LDAP to authenticate 802.1x. Run the server in debug mode (I should get a keyboard macro to type this) and look at the output: radiusd -X | tee logfile ...as you make an authentication attempt. Chances are if you read that debug output (as suggested in the README) you'll see the problem. If not post the full debug output here. In brief: 1. Your ldap server needs to contain the password hash(es) appropriate for your method of authentication(s) - or better yet the plaintext - and the freeradius binddn must be able to see them 2. The attribute names should match ldap.attrmap, or you should update is You said "FreeRadius 2.x". That's a bit vague. What is the actual version?