802.1x ->Radius ->Ldap
Alan DeKok
aland at deployingradius.com
Thu Jun 17 18:21:56 CEST 2010
Kyle Plimack wrote:
> I’ve read a lot of threads and looked at the protocol / encryption
> compatibility chart, but I’ve never seen someone say, “this is the
> solution”.
1) get PAP working against LDAP
2) follow the EAP guide (deployingradius.com) to get EAP working
3) configure ldap in the "inner-tunnel" virtual server
4) LDAP + EAP will work.
> An alternative I’m considering (I don’t know if its
> possible), is having radius pass the authentication request to PAM.
> Pam, on my radius server, is already connected to ldap, and should be
> able to provide the same authentication. Is is possible, and if so how
> should I do it?
Don't.
> Attached is the output from radiusd –X, can you help me determine why
> authentication is failing, but authorization is passing?
You missed step (3).
> Can I
> automatically authenticate once authorized? Why are they two different
> processes?
Because some people need them to be different processes.
Alan DeKok.
More information about the Freeradius-Users
mailing list