Windows Authentication and Authorization via LDAP on FreeRadius v2.1.4 Configuration Help!!!
Michael Schwartzkopff
misch at multinet.de
Tue Mar 24 20:24:29 CET 2009
On Tuesday, 24 March 2009 17:29:26, Edwin Isada wrote:
> Thanks for all the info and missed reading the comments at the end of the
> radiusd.conf. I uncommented out the ldap portions of
> /usr/local/etc/raddb/sites-enabled. My config in modules section is
>
> ldap {
> server = "ciq-dc1.ciq.com"
> port = 636
> identity = "ciq\\radius"
> password = "password"
> basedn = "dc=ciq,dc=com"
> filter = "(&(objectCategory=user)(samaccountname=%{user-name})(memberOf=cn=MIS-Admins-All,OU=MIS Admin,DC=CIQ,DC=COM))"
> access_attr = "samAccountName"
> ldap_connections_number = 5
> timeout = 4
> timelimit = 3
> }
>
> However, I'm getting some errors when running in debug mode. Here they
> are:
>
> /usr/local/etc/raddb/radiusd.conf[644]: Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory
> /usr/local/etc/raddb/sites-enabled/default[163]: Failed to find module "ldap".
> /usr/local/etc/raddb/sites-enabled/default[62]: Errors parsing authorize section.
> }
> Errors initializing modules
>
> Am I missing something here...
>
> On Tue, Mar 24, 2009 at 11:08 AM, <tnt at kalik.net> wrote:
> > >Excuse me for my lack of knowledge with Linux and FreeRadius. I hardly have
> > >any experience and I've been using version 1.1.3 for the past few weeks and
> > >had authentication working properly for Cisco devices. I decided to install
> > >the latest version 2.1.4 and forgot to save all my configuration for 1.1.3.
> > >Hopefully I'll learn my lesson next time =) The radiusd.conf file from what
> > >I recall looks totally different. I inserted my ldap information in the
> > >modules section, but running the basic debug I'm seeing an error "No
> > >authenticate method (Auth-Type)". Even running the recommended radtest it's
> > >failing in reviewing the debug. I believe I'm missing authenticate config.
> > >If so do I need to modify another file or add it to radiusd.conf? I'm a
> > >little lost here if someone can point me the right direction and hopefully I
> > >can proceed with getting authorization working afterwards.
> >
> > Did you read the comments at the end of radiusd.conf? It does say that
> > authorize, authenticate and other sections are now in virtual servers.
> > Look up default virtual server and enable ldap in there.
> >
> > Ivan Kalik
> > Kalik Informatika ISP
> >
If you want to authenticate against AD read:
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
--
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Address: Bretonischer Ring 7; 85630 Grasbrunn; Germany
Tel: +49 - 89 - 45 69 11 0
Fax: +49 - 89 - 45 69 11 21
mob: +49 - 174 - 343 28 75
mail: misch at multinet.de
web: www.multinet.de
Registered office: 85630 Grasbrunn
Commercial register: Amtsgericht München HRB 114375
Managing directors: Günter Jurgeneit, Hubert Martens
---
PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42
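
Added example (not part of the original messages and not FreeRADIUS project code): a small shell check that reads radiusd debug output, pulls out each module named in a "Failed to link to module" error such as the rlm_ldap one quoted above, and reports whether the matching .so file exists in a module directory. The sample log is constructed from the errors quoted in the thread; the default directory /usr/local/lib is an assumption based on the /usr/local prefix of the quoted paths.

```shell
#!/bin/sh
# Constructed sample: the three error lines quoted in the thread, unwrapped.
SAMPLE_LOG="/usr/local/etc/raddb/radiusd.conf[644]: Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory
/usr/local/etc/raddb/sites-enabled/default[163]: Failed to find module \"ldap\".
/usr/local/etc/raddb/sites-enabled/default[62]: Errors parsing authorize section."

# Read debug output on stdin and print each module that failed to link,
# one name per line, without duplicates.
failed_modules() {
    sed -n "s/.*Failed to link to module '\([^']*\)'.*/\1/p" | sort -u
}

# Read debug output on stdin. For each module that failed to link, report
# whether <libdir>/<module>.so exists.
# Returns 0 when every such module file is present, 1 when any is missing.
check_modules() {
    libdir=$1
    status=0
    for mod in $(failed_modules); do
        if [ -e "$libdir/$mod.so" ]; then
            # File exists, so the server is searching a different directory.
            echo "$mod: present in $libdir; compare with libdir in radiusd.conf"
        else
            # File absent: the module was not built or not installed.
            echo "$mod: MISSING from $libdir; module not built or not installed"
            status=1
        fi
    done
    return $status
}

# Demo run against the constructed sample. LIBDIR is an assumed override
# variable for this example; /usr/local/lib is an assumed default.
printf '%s\n' "$SAMPLE_LOG" | check_modules "${LIBDIR:-/usr/local/lib}" || true
```

To check a live server, pipe its debug output into check_modules in place of the sample text.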