EAP-TTLS-PAP using LDAP for authorization and PAM for authentication
tnt at kalik.net
tnt at kalik.net
Sun Sep 28 15:26:09 CEST 2008
>The problem is that PAM is never used. This seems to be an artifact of
>the fact that rlm_ldap is supposed to fetch a "known good" password, but
>I don't have passwords in the LDAP database. rlm_ldap is indeed
>successful in authorizing, but there is no Auth-Type set to handle the
>authentication.
>
>If I for example force Auth-Type to PAM in the users file (not good, I
>know), TTLS-negotiation is never run.
>
Don't set it in users file. Set it using unlang in authorize section of
inner-tunnel virtual server.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list