Ldap + freeradius... Again

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Mar 15 04:39:19 CET 2013


On 14 Mar 2013, at 22:52, fernando.sg1 at gmail.com wrote:

> Ok man,
> keep dont help too much, ill try again,
> the documentation dont helped before and i guess this will not help again...
> im keep saying dont need to be rude man, do you born everything? 2 months ago i never used a linux pc, now im trying to learn, if you say: 

Why are you trying to setup FreeRADIUS? I mean it's not at a postfix/cyrus level of obtuseness, but it's not exactly suitable for beginners. It requires too much domain knowledge, and general competence in a bunch of different diciplines to be used effectively.

Integrating with an LDAP directory is typically not something a home user who just wants to setup a dd-wrt AP and experiment with WPA2-Enterprise would do.

If this is for a client are you sure you wouldn't be more comfortable using NPS, IAS, ACS? There are many commercial alternatives available. 

If you're a junior system administrator/intern then you should probably request a different project.

If you're determined to continue, and the config snippet below doesn't help. Then I would strongly advise downloading FreeRADIUS 3.0.0 and reading over the LDAP code. It's much simpler and easier to understand than the code in 2.1.x.

The error message you see is ocurring in the main code body however, so try greping through the code for the log message you're receiving, and see what possible conditions in the code could cause it.

> hey man, you make lots of change that arent the correct try to do that, and that, and that....
> you probably would helped me more.

Yeah... the people on this list who have been around a while get tired of repeating the same crap over and over again.

> as you say, you teach me a lesson, try to follow the documentation and dont use guides on internet
> and i'm trying to teach you: be more gentle, no1 born knowing everything. 

authorize {
	ldap
	if (ok && User-Password) {
		update control {
			Auth-Type := "ldap"
		}
	}
}

authenticate {
	Auth-Type LDAP {
		ldap
	}
}

-Arran


More information about the Freeradius-Users mailing list