A way to use LDAP only for authentication
Alan DeKok
aland at deployingradius.com
Wed May 14 03:40:12 CEST 2008
Konstantin KABASSANOV wrote:
> Using PEAP/mschapv2 with openldap through freeradius, I'd like to know if
> there is a way to allow all users in the authorize section of radiusd.conf
> (without doing ldap requests) and make the ldap request only in the
> authenticate section. It is useful for instance to avoid multiple ldap
> requests during authorization process in particular when a number of
> radius-request/challenges are exchanged between Access points and radius
> server.
In 2.0.4, you can run the LDAP module only for the inner tunneled
request. See raddb/sites-enabled/inner-tunnel.
Alan DeKok.
More information about the Freeradius-Users
mailing list