rlm_ldap behavior: authorize v.s. authenticate
Dusty Doris
freeradius at mail.doris.cc
Fri Dec 9 20:20:17 CET 2005
>> From reading debug logs, am I correct in concluding that rlm_ldap's
> behavior:
>
> - when processing authorize{ } is to bind to the LDAP as the provided
> administrative DN and search for the DN of the user in the Access-Request
> packet
>
> - when processing authenticate{ } is to, if successful during authorize, then
> re-bind to the LDAP using the provided username and password and return
> Access-Accept only if the bind-as-the-user succeeds?
>
> Correct, as the default behavior?
Sounds right to me.
More information about the Freeradius-Users
mailing list