freeradius2 using ldap/users file
hi i'm using radiusd: FreeRADIUS Version 2.1.6, for host i386-portbld-freebsd7.2 server configured with ldap. this works fine. we've got few users which would like to authorize via users file. but my radius always searches for the password in the ldap. is this behaviour normal? (these users have account in ldap and also in users file, but with different passwords) is there any way to go through? :) (i couldn't find anything) thaks for help fous -- View this message in context: http://www.nabble.com/freeradius2-using-ldap-users-file-tp24589272p24589272.... Sent from the FreeRadius - User mailing list archive at Nabble.com.
server configured with ldap. this works fine. we've got few users which would like to authorize via users file. but my radius always searches for the password in the ldap. is this behaviour normal? (these users have account in ldap and also in users file, but with different passwords)
is there any way to go through? :) (i couldn't find anything)
List files after ldap (it's listed before by default). Ivan Kalik Kalik Informatika ISP
Ivan Kalik wrote:
List files after ldap (it's listed before by default).
i've changed sites-enabled/default so that contains this authorize section authorize { preprocess chap mschap suffix eap { ok = return } # files redundant { ldap1 ldap2 } files expiration logintime pap } still does not work, pap still tries to use the ldap password anything wrong in the config file? fous -- View this message in context: http://www.nabble.com/freeradius2-using-ldap-users-file-tp24589272p24608279.... Sent from the FreeRadius - User mailing list archive at Nabble.com.
i've changed sites-enabled/default so that contains this authorize section
authorize { preprocess chap mschap suffix eap { ok = return } # files redundant { ldap1 ldap2 } files
expiration logintime pap }
still does not work, pap still tries to use the ldap password anything wrong in the config file?
No. How does your users file entry look like? Ivan Kalik Kalik Informatika ISP
Ivan Kalik wrote:
No. How does your users file entry look like?
this is my users file rusr Cleartext-Password := "clearPass" Cisco-AVPair = "\"ip:inacl#0=permit ip any 10.0.0.0 255.0.0.0" DEFAULT NAS-IP-Address == "10.12.2.106" Auth-Type = Accept DEFAULT NAS-IP-Address == "127.0.0.1" Auth-Type := Accept DEFAULT Auth-Type := Reject Reply-Message = "You are not allowed to connect." maybe here anything wrong? :) fous -- View this message in context: http://www.nabble.com/freeradius2-using-ldap-users-file-tp24589272p24621488.... Sent from the FreeRadius - User mailing list archive at Nabble.com.
Ivan Kalik wrote:
No. How does your users file entry look like?
this is my users file
rusr Cleartext-Password := "clearPass" Cisco-AVPair = "\"ip:inacl#0=permit ip any 10.0.0.0 255.0.0.0"
maybe here anything wrong? :)
No, that should overwrite the ldap entry. Post the debug. Ivan Kalik Kalik Informatika ISP
participants (3)
-
fous -
fous velkej -
Ivan Kalik