802.1x with freeradius + PEAP + 3com Switch

tnt at kalik.net tnt at kalik.net
Thu Feb 5 15:46:47 CET 2009

>It seems freeradius "tries" to authenticate the computer from the
>In radiusd.conf I have the following:
>  ldap {
>         server = ""
>         identity = "uid=dot1x_read_user,ou=People,dc=mydomain,dc=com"
>         password = ldapreadpasswd
>         basedn = "ou=People,dc=mydomain,dc=com"
>         filter = "(uid=%{mschap:User-Name:None})"
>I now need to instruct the ldap to search in
>ou=Computers,dc=mydomain,dc=com for the computers authentication.
>How do I do this while preserving the working users auth ?

Make another ldap instance that has that basedn. Machine usernames have $
at the end - use unlang to test for that and switch ldap instance as

Ivan Kalik
Kalik Informatika ISP

More information about the Freeradius-Users mailing list