ldap+freeradius

suggestme samanaupadhyay at hotmail.com
Fri Nov 11 14:31:51 CET 2011


Guys,
 
I configured FreeRadius for authentication with Active Directory by following the steps suggested on Alan's deployingradius.com. Everything is working successfully (Samba, Kerberos, ntlm_auth configuration): I can successfully join the domain as an administrator, and users can be authenticated with their credentials successfully. Now I need one suggestion here: is there any way for an administrator to read and write information about users' access privileges by joining the domain, such as whether users are allowed/denied WiFi access, VPN access, etc.? I don't know whether this is possible by configuring anything with Samba/Kerberos/ntlm_auth/FreeRadius, or whether I need another program to achieve this goal.
 
 
I am configuring FreeRadius for the first time, so your ideas will be greatly appreciated.
 
 
Thanks,



Date: Wed, 9 Nov 2011 18:06:16 -0800
From: ml-node+s1045715n4979784h86 at n5.nabble.com
To: samanaupadhyay at hotmail.com
Subject: Re: ldap+freeradius

Hi, 

> *Sorry for the confusion I made. I have put the name of LDAP server 
> accordingly , not the localhost. Just for privacy I didn't put here.* 

okay.... 

> Here is the output of radiusd -X command: 

and there. bingo. 

>         libdir = "/usr/local/lib/freeradius-2.1.10" 

urgh. why? really...why? 

when you did the ./configure stage did you ask for it to go into 
this special non-standard directory? 

if it's there....then you need to ensure that your system knows 
it's there too - and a default server won't. you will need to edit 
the configuration file for your dynamic linker - usually /etc/ld.so.conf 
..and then re-run /sbin/ldconfig 

..you need to ensure your linker shows that it knows this.... 

/sbin/ldconfig -v    if you need to check and double-check. if you don't see 
the freeradius libraries there at all then you need to check again. 

finally...if you don't see the rlm_ldap.so then go back one more step...and check 
that the LDAP module was actually built in the first place! 

./configure --with-whatever-options  | grep WARN 

you need to ensure you have LDAP support installed - the ldap development libraries 
usually something like openldap-devel in your package manager 


the fact that all the other bits work suggests that the other .so files are found..which 
points to the lack of ldap development libraries as the main culprit 

> /usr/local/etc/raddb/modules/ldap[29]: Failed to link to module 'rlm_ldap': 
> file not found 
> /usr/local/etc/raddb/sites-enabled/inner-tunnel[237]: Failed to load module 
> "ldap". 
> /usr/local/etc/raddb/sites-enabled/inner-tunnel[237]: Failed to parse "ldap" 
> entry. 

yep. the .so dynamic library file cannot be loaded 

alan 
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111111/03a7f477/attachment.html>
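
The checks described in the quoted reply, written out as an added example that is not part of the original thread or of FreeRADIUS itself: it reads saved `radiusd -X` output, extracts `libdir` and the modules that failed to link, and reports whether each module's `.so` is missing or whether `libdir` is unknown to the dynamic linker. The function names are hypothetical and the sample log is constructed from the lines quoted above.

```shell
#!/bin/sh
# Added example: function names are hypothetical; the sample log is
# constructed from the radiusd -X lines quoted in the thread.
sample_log() {
cat <<'EOF'
        libdir = "/usr/local/lib/freeradius-2.1.10"
/usr/local/etc/raddb/modules/ldap[29]: Failed to link to module 'rlm_ldap': file not found
EOF
}

# Print the libdir value found in radiusd -X output read from stdin.
extract_libdir() {
    sed -n 's/^[[:space:]]*libdir = "\(.*\)"[[:space:]]*$/\1/p' | head -n 1
}

# Print each module that failed to link, one name per line.
failed_modules() {
    sed -n "s/.*Failed to link to module '\([^']*\)'.*/\1/p" | sort -u
}

# Directories the dynamic linker searches, taken from "ldconfig -v" headers.
linker_dirs() {
    /sbin/ldconfig -v 2>/dev/null | sed -n 's/^\(\/[^:]*\):.*/\1/p'
}

# diagnose LIBDIR MODULE LD_DIRS  (LD_DIRS: one directory per line)
diagnose() {
    libdir=$1 module=$2 ld_dirs=$3
    if ! ls "$libdir/$module".so* >/dev/null 2>&1; then
        echo "not-built"            # no .so at all: re-check configure WARN lines
    elif ! printf '%s\n' "$ld_dirs" | grep -Fxq -- "$libdir"; then
        echo "not-in-linker-path"   # add libdir to /etc/ld.so.conf, re-run ldconfig
    else
        echo "ok"
    fi
}

# Live use: sh check.sh --live < saved-radiusd-X-output.txt
if [ "${1:-}" = "--live" ]; then
    log=$(cat)
    dir=$(printf '%s\n' "$log" | extract_libdir)
    for m in $(printf '%s\n' "$log" | failed_modules); do
        echo "$m: $(diagnose "$dir" "$m" "$(linker_dirs)")"
    done
fi
```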