Re: FR 3.x | rlm_ldap | bind as user?

Arran Cudbard-Bell a.cudbardb at
Thu Feb 13 17:26:55 CET 2014

On 13 Feb 2014, at 15:45, Erwann Thoraval <erwann.thoraval at> wrote:

> Hello list,
> With FR 2.2.0 (fedora 18), my users are authenticated using "bind as user" from rlm_ldap (EAP/TTLS-PAP).
> However, i am not able to have the same behaviour with FR 3.0.1 (fedora 20). I didn't copy my old ldap configuration from 2.2 to 3.0, but created a new one from the sample file.
> Is it still possible to authenticate with ldap "bind as user" in FR 3.0? Or do i need to provide an admin account to rlm_ldap for browsing into the ldap database?

Yep, but you need to set the auth method manually.

authorize {
	if (ok && User-Password) {
		update control {
			Auth-Type := ldap

authenticate {
	Auth-Type ldap {

There's no toggle for doing this from within the LDAP module anymore.

Arran Cudbard-Bell <a.cudbardb at>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list