LDAP Module only for Authorization and not for Authentication

HRZ Konten hrzkonten at uni-bonn.de
Fri May 23 14:09:39 CEST 2008


I have Freeradius 1.1.7 and use it to check user and password with pam
The pam module uses pam_afs.so library to check in the kerberos IV
server. I want to keep this configuration but additionaly to make a
check for groups in LDAP.
Something like:
1. Authorize Huntgroup-Name== xxx, Ldap-Group==xxx....
2. Authenticate user + password through pam

Can I do authorization with LDAP and then authenticate with pam?
Then I don't want to provide any passwords in LDAP. Thay must stay in
the kerberos IV server.

When I use a remote LDAP-Server, should I configure some special modules
during the installation of radius?

Thanks. Regards

More information about the Freeradius-Users mailing list