Configuring LDAP for query ONLY...

Eric Martell workoutexcite at yahoo.com
Tue Dec 4 20:41:12 CET 2007


Thanks so much Phil. I am using freeradius-1.0.4

I am going to install the latest version and will try
your suggestion.

Thanks and Regards.
Eric.


--- Phil Mayers <p.mayers at imperial.ac.uk> wrote:

> Eric Martell wrote:
> > Hi,
> >   Is it possible to altogether avoid authenticate
> > section  and just do ldap lookups in the authorize
> > section?
> > 
> > authorize {
> >    ldap {
> >      notfound = reject
> >    }
> > }
> > 
> > The problem is in the authenticate section, radius
> > gets the userDN from the authorize and tries to
> "bind"
> > ldap with password which we don't have.
> > 
> > I also tried in users file
> > Ldap-UserDN := `cn=Manager,dc=eng,dc=com/answer2` 
> 
> Assuming you are using a recent version of
> FreeRadius, you can do one of 
> the following:
> 
> modules {
>    ldap {
>      ...
>      set_auth_type = no
>    }
> }
> 
> authorize {
>    preprocess
>    ldap
>    pap
> }
> 
> authenticate {
>    Auth-Type PAP {
>      pap
>    }
> }
> 
> 
> 



      ____________________________________________________________________________________
Be a better pen pal. 
Text or chat with friends inside Yahoo! Mail. See how.  http://overview.mail.yahoo.com/



More information about the Freeradius-Users mailing list