ldap - edirectory authentication

Peter Lambrechtsen plambrechtsen at gmail.com
Sat Dec 11 02:05:18 CET 2010


On Sat, Dec 11, 2010 at 3:59 AM, Gary Gatten <Ggatten at waddell.com> wrote:

>  Look in the configure script, or maybe try ./configure --help. Else the
> config options are probably listed in one of the readme's.
>

Yes it's a configure switch when you compile FR.

I would assume that since it's a version distributed with SLES (I would
assume OpenSUSE would be the same), but can check in the srpm to make sure
it's in there. But I would be surprised if it wasn't.

The main things to be sure is your Universal Password policy assigned to
your users allows Admin's (or a specific user) to retreieve the User's
password, and that the service account you use to bind to eDirectory in FR
is one of those accounts.  And that you are binding over LDAPS (SSL) on port
636 typlically.  Which may require you to import in the LDAP Server's CA
Cert into the certificate keystore in the LDAP SSL Config.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101211/2f05be74/attachment.html>


More information about the Freeradius-Users mailing list