PEAP + RADIUS + local-Auth + LDAP
Florian Prester
Florian.Prester at rrze.uni-erlangen.de
Tue Jun 14 10:14:16 CEST 2005
Alan DeKok wrote:
>Florian Prester <Florian.Prester at rrze.uni-erlangen.de> wrote:
>
>
>> authorize: If I place the "users"-word before anything else, the
>>authorization should take place by the users-file, which means if an
>>user exists in the users-file it is authoized? correct?
>>
>>
>
> It means that the "users" file is processed before anything else.
>
> You don't need to move it, though. The default configuration works.
>
>
>
>> authenticate: If the password matches cleartext/crypt the users is
>>authenticated? correct?
>>
>>
>
> Yes.
>
>
>
>>2.) If I try to uses PEAP and LDAP I need cleartext-passwords!? correct?
>>
>>
>
> Or NT-Password.
>
>
Who can I control, which Password should be used?
>> If I add "ldap" after the "users"-wordin the authorize-section ldap
>>should only be used, if the user cannot be found in the users-file?
>>
>>
>
> No. See doc/configurable_failover
>
>
>
>> If I add password_attribute = "sn" thr user is authenticated, if
>>the password-hash-challenge is matching the sn-hash-challenge, meaning
>>the sn-attribute is taken as password? correct?
>>
>>
>
> Yes.
>
>
>
>>3.) What means the Groupe-authenticate/authorize if I am using ldap?
>>
>>
>
> I'm not sure what you mean by that.
>
> Alan DeKok.
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
--
--------------------------------------------------------------
Dipl. Inf. Florian Prester
Network Administration
Regionales RechenZentrum Erlangen
Universitaet Erlangen-Nuernberg
Germany
Tel.: +499131 8527813
More information about the Freeradius-Users
mailing list