Cian Phillips <cian@cca.edu> wrote:
With each of these I still have the problem where the Access-Request packet doesn't contain a User-Password attribute. I am guessing that there is something very fundamental that I am not understanding.. like "there isn't supposed to be a User-Password attribute coming from the AP" but if that's the case then I really don't understand how we authenticate against the LDAP directory without a password.
You don't. LDAP is a database, not an authentication server. FreeRADIUS is an authentication server. It pulls the password from LDAP, and uses that to authenticate the user.
I have tried a bunch of different "how-to's" and haven't had any success.. if someone could say they were certain that one of them worked that in itself would be a great deal of help.
If you're looking for details of how the authentication protocols work, the HOWTO's won't help you. They tell you how to get it to work, and they assume that you don't care about the internal design details of the system. If you DO really care about the design details of the authentication protocols, read the RFC's. They're in doc/rfc/*. Otherwise, configure the system as per the HOWTO's, and it *will* work. Alan DeKok.