How do I have one Freeradius server hosting multiple ldap instances and associate each SSID with particular LDAP instance to authenticate

Ziggy Bopster ziggybopster at gmail.com
Mon Sep 20 22:47:33 CEST 2010


Hi  Freeradius user group,

I am relatively new to using Freeradius.  Thanks for all your help
and patience in advance:

I would like to have one Freeradius server hosting multiple ldap instances
and associate each SSID with particular LDAP ou to authenticate.  For
example:
 1) Marketing SSID associated with LDAP1 marketing_ldap instance pointing to
i.e. OU=Marketing,o=US to authenticate using EAP-PEAP MSCHAPv2
2) Accounting SSID associated with LDAP2 accounting_ldap instance pointing
to i.e. OU=Accouting,o=US to authenticate using EAP-PEAP MSCHAPv2

Ultimately, I would also need to do the following:
3) Secure SSID associated with multiple LDAPs.. If user is not found in 1st
LDAP, it would look in 2nd LDAP followed by 3rd LDAP..

*How do I do items 1 & 2 (priority) above?  Doing item #3 above is down the
road.  Please help.. I greatly appreciate your advice.. Thank you.  I've
been searching google for a couple of days and I'm stuck..*

I already have the following configured on my FreeRADIUS Version 2.1.1 on
SLES 11 SP1:
*1) /etc/raddb/modules/ldap*
with ldap marketing_ldap
with accounting_ldap

*2) /etc/raddb/sites-available/default &
/etc/raddb/sites-available/inner-tunnel*
Enable LDAP1 & LDAP2 in
Authorize Section
Authenticate Section
Post-Auth Section

 *3) /etc/raddb/eap.conf*
configured to use PEAP

*4) /etc/raddb/modules/mschap*
 mschap settings

*5) /etc/raddb/clients.conf*
settings to Cisco WLAN AP


Thank you,
doreen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100920/abeebd29/attachment.html>


More information about the Freeradius-Users mailing list