Juergen Koller klr at idmt.fraunhofer.de
Wed Jun 2 00:24:42 CEST 2010

I am trying to set up freeradius 2.1.8 to authorize an user using LDAP 
and to authenticate him using EAP. Every user in the LDAP-database and a 
valid EAP-certificate should get access. If not in the LDAP-database the 
user should be rejected.
If I only use EAP for authentication and authorazation every thing is ok.

I am trying this by using a

DEFAULT  Autz-Type := LDAP1
in the users file.

freeradius checks now for authorization against the LDAP-database and 
gets back if the user exists or not (according to the debug output). But 
  the user will not be rejected, if not in the LDAP-database.

Perhaps I did not read the right document file right now. Perhaps 
Autz-Type is the totaly wrong approach.
Any hints?


email: koller at idmt.fraunhofer.de
gilb:  Fraunhofer-IDMT, Ehrenbergstrasse 31, 98693 Ilmenau
Tel.:  +49 3677 467-340                        Fax:   +49 3677 467-4340
GSM:   +49 175 183 5160

More information about the Freeradius-Users mailing list