13 LDAP queries for one authorize!

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Thu Aug 23 22:34:04 CEST 2007


Hi,

> > ...which will only run the LDAP auth for the EAP inner request. You'll
> > still see two queries though for PEAP/MSCHAP
> 
> I see. I'll try that as soon as my girlfriend leaves again, I can only
> fiddle with the WiFi router when she's not home :)
> 
> 
> In the mean time, what does all this do, and why didn't my work? Will
> this also solve my problem with the ldap query?

upgrading to 2.0 CVS should also reduce the number of calls as its
sorted the EAP out a lot.  in answer to your question

1) proxy part makes sure that only INNER is called when its proxied to
127.0.0.1

2) INNER Auth part ensures that the ldap module is only called for the
INNER part of the check...not for everything else. also very very useful
as it stops outer ID junk and debris from being checked.

alan



More information about the Freeradius-Users mailing list