FR3.0 and LDAP
Maja Wolniewicz
mgw at umk.pl
Tue Aug 13 11:47:58 CEST 2013
W dniu 13.08.2013 10:50, Arran Cudbard-Bell pisze:
> On 13 Aug 2013, at 09:48, Maja Wolniewicz <mgw at umk.pl> wrote:
>
>> W dniu 13.08.2013 10:41, A.L.M.Buxey at lboro.ac.uk pisze:
>>> Hi,
>>>
>>>> Our freeradius server uses a few of LDAP databases (depending on the
>>>> realm) and not all of them are under our control.
>>> use different ldap modules for different realms?
>>>
>>> if (%{realm} == "specialone\.pl") {
>>> ldap-specialone
>>> }
>>>
>>>
>>> etc ?
>> but there is no way to use the LDAP database in FR3.0 without enabling
>> read access to a password attribute.
> Of course there is. The authenticate method of the ldap module does bind as user. The success of the bind is an indication of whether authentication succeeded. You need a cleartext copy of the password from the user though.
Thanks Arran,
it works as I expected when I set
Auth-Type := LDAP
in the authorize section.
Maja
> Arran Cudbard-Bell <a.cudbardb at freeradius.org>
> FreeRADIUS Development Team
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
--
Maja Gorecka-Wolniewicz mgw at umk.pl
Uczelniane Centrum Information & Communication
Informatyczne Technology Centre
Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University
Coll. Maximum, pl. Rapackiego 1, 87-100 Torun, Poland
tel.: +48 56-611-27-40 fax: +48 56-622-18-50 tel. kom.: +48-693032574
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3393 bytes
Desc: Kryptograficzna sygnatura S/MIME
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20130813/eff2af7e/attachment.bin>
More information about the Freeradius-Devel
mailing list