PEAP + RADIUS + local-Auth + LDAP
Florian Prester
Florian.Prester at rrze.uni-erlangen.de
Mon Jun 13 08:46:13 CEST 2005
Hi all,
I need to know if I understand something wrong:
1.) raidusd.conf:
authorize: If I place the "users"-word before anything else, the
authorization should take place by the users-file, which means if an
user exists in the users-file it is authoized? correct?
authenticate: If the password matches cleartext/crypt the users is
authenticated? correct?
2.) If I try to uses PEAP and LDAP I need cleartext-passwords!? correct?
If I add "ldap" after the "users"-wordin the authorize-section ldap
should only be used, if the user cannot be found in the users-file?
If I add access_attr = "uid" the users is authorized, I the
attribute "uid" is present in ldap.
If I add password_attribute = "sn" thr user is authenticated, if
the password-hash-challenge is matching the sn-hash-challenge, meaning
the sn-attribute is taken as password? correct?
3.) What means the Groupe-authenticate/authorize if I am using ldap?
Thanks
Florian
--
--------------------------------------------------------------
Dipl. Inf. Florian Prester
Network Administration
Regionales RechenZentrum Erlangen
Universitaet Erlangen-Nuernberg
Germany
Tel.: +499131 8527813
More information about the Freeradius-Users
mailing list