Configuring LDAP for query ONLY...
Eric Martell
workoutexcite at yahoo.com
Tue Dec 4 20:41:12 CET 2007
Thanks so much Phil. I am using freeradius-1.0.4
I am going to install the latest version and will try
your suggestion.
Thanks and Regards.
Eric.
--- Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> Eric Martell wrote:
> > Hi,
> > Is it possible to altogether avoid authenticate
> > section and just do ldap lookups in the authorize
> > section?
> >
> > authorize {
> > ldap {
> > notfound = reject
> > }
> > }
> >
> > The problem is in the authenticate section, radius
> > gets the userDN from the authorize and tries to
> "bind"
> > ldap with password which we don't have.
> >
> > I also tried in users file
> > Ldap-UserDN := `cn=Manager,dc=eng,dc=com/answer2`
>
> Assuming you are using a recent version of
> FreeRadius, you can do one of
> the following:
>
> modules {
> ldap {
> ...
> set_auth_type = no
> }
> }
>
> authorize {
> preprocess
> ldap
> pap
> }
>
> authenticate {
> Auth-Type PAP {
> pap
> }
> }
>
>
>
____________________________________________________________________________________
Be a better pen pal.
Text or chat with friends inside Yahoo! Mail. See how. http://overview.mail.yahoo.com/
More information about the Freeradius-Users
mailing list