another wpa/ldap issue

Brian Dial bdial at rkk.com
Wed May 26 20:21:16 CEST 2010


Ah, that was it, thanks! 

Amazingly enough, although I didn't think it was possible, I was able to get EAP-TTLS-PAP working even with OpenLDAP users that have an SSHA encrypted password by making it so PAP attempts to bind as that user instead of doing a password compare. Given that I'm only setting up FreeRADIUS for this purpose (famous last words), is there anything inherently wrong with this approach?


----- Original Message -----
From: "Alan DeKok" <aland at deployingradius.com>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Wednesday, May 26, 2010 11:11:50 AM GMT -05:00 US/Canada Eastern
Subject: Re: another wpa/ldap issue

Brian Dial wrote:
> Hello everyone, I have a typical WPA + RADIUS + LDAP issue. I'm using FreeRADIUS 2.1.6. I've tried to follow the 'don't edit anything but the ldap module, it will figure it out' mantra as much as possible. I have an OpenLDAP server and the test user I'm using has a plain text password. Here is my ldap module config
> and now when I run the radtest there is no error, and it pretty much works the same. Now I set up my Cisco 1200 series AP to point to the FreeRADIUS server and configured a laptop to try to connect via EAP-TTLS with PAP. Here is the debug

  Edit raddb/sites-available/inner-tunnel, just like you edited
raddb/sites-available/default.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

