When to ldap?
Alan DeKok
aland at deployingradius.com
Thu May 13 07:54:23 CEST 2010
Dean, Barry wrote:
> I am working on a new radius config and have been trying to avoid the lookup in LDAP I have been seeing for the outer identity.
>
> I have moved to 2.1.8 with the inner-tunnel virtual host enabled.
>
> I have an authorise section for the relevant virtual server that has:
*which* virtual server?
> The "if(!EAP-Message)" works a treat at preventing an LDAP lookup for the outer identity, but if I want to send a basic User-Name/User-Password type auth request after checking with LDAP and returning "Remote access is permitted", I then see:
>
> No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
And the *rest* of the debug log says.... ?
> I presume:
>
> if (!EAP-Message) {
> ldap
> }
>
> Fails to set Auth-Type LDAP?
Yes. It *shouldn't*, either. That was a mistake from 1.x.
Alan DeKok.
More information about the Freeradius-Users
mailing list