Re: FR 3.x | rlm_ldap | bind as user?
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Thu Feb 13 17:26:55 CET 2014
On 13 Feb 2014, at 15:45, Erwann Thoraval <erwann.thoraval at mines-paristech.fr> wrote:
> Hello list,
>
> With FR 2.2.0 (fedora 18), my users are authenticated using "bind as user" from rlm_ldap (EAP/TTLS-PAP).
>
> However, i am not able to have the same behaviour with FR 3.0.1 (fedora 20). I didn't copy my old ldap configuration from 2.2 to 3.0, but created a new one from the sample file.
>
> Is it still possible to authenticate with ldap "bind as user" in FR 3.0? Or do i need to provide an admin account to rlm_ldap for browsing into the ldap database?
Yep, but you need to set the auth method manually.
authorize {
ldap
if (ok && User-Password) {
update control {
Auth-Type := ldap
}
}
}
authenticate {
Auth-Type ldap {
ldap
}
}
There's no toggle for doing this from within the LDAP module anymore.
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140213/2a595e25/attachment.pgp>
More information about the Freeradius-Users
mailing list