802.1x, EAP and LDAP

Mike Richardson doctor at mcc.ac.uk
Tue Mar 4 09:17:01 CET 2008 

On Tue, Mar 04, 2008 at 07:33:09AM +0100, Alan DeKok wrote:
> Mike Richardson wrote:
> > I've been making changes for 8 hours a day for over a week so it might
> > differ from the original.
> 
>   Which is a bit of a problem in and of itself.

I posted the configs in the original email - was there anything in there
which looked completely out of place?

> > How does the config know to use PAP rather than CHAP/MSCHAP? 
> 
>   Because all of the experience of the developers working for years with
> RADIUS is distilled into the configuration files.

Is there any documentation on how this works? I would like to know.

> > I've been through every config guide I can find on the net, several times.
> 
>   If it takes more than 10 minutes to get FreeRADIUS authenticating to
> LDAP, ask a question on the list.  Honestly.  It's *so* much better to
> get an answer on the list than to fight for a week...

I don't mind fighting for a week if it works at the end and I have a better
understanding. At this point it doesn't work but I do have a better
understanding. Most software takes more than 10 minutes to understand and
configure and I wouldn't be confident in my ability to support it campus
wide if I'd only spend 10 mins on it. I don't believe in asking for help
without doing as thorough as job as I can in experimenting and learning.

Normally between time, trial and error and google things will work. In this
case, unfortunately not. It's the first time I've had to post to a mailing
list for help in many years and, no offence intended, it feels like I'm
admitting defeat. 

>   My deployingradius.com site?  It has a number of resources.

Thanks, I'll take a look.

>   Of course.  Only Novell understands how eDirectory works.
> 
>   For LDAP, buy the O'Reilly OpenLDAP book.  It has a good section on
> getting OpenLDAP && FreeRADIUS to talk to each other.  It's very quick...

Thanks again.

Mike

-- 
Mike Richardson
Networks
IT Services, University of Manchester
*Plain text only please - attachments stripped on arrival*

More information about the Freeradius-Users mailing list