freeradius-3.0.1 ldap authenticate

Arran Cudbard-Bell a.cudbardb at
Wed Feb 26 10:53:47 CET 2014

On 26 Feb 2014, at 09:33, zz d <zzd7zzd at> wrote:

> My colleague meet some hard problems with FR 2.X, I am not clear about details.
> When I take over the job, I began it with the latest release.

Which is the correct approach to take.

> For security, the LDAP should not return attribute userPassword to freeradius.

That's fine.

> any particular reason you are using the latest/feature release of FreeRADIUS?
> You will face issues like any pioneer on that platform.

Please don't dissuade people from using (and therefore testing) the new code.

For new deployments the v3.0.x branch should be used. v2.0.x is bug fix only.
The only features which will be backported are to aid in supporting the code

The only branch which should not be used (for now) is master, and even that
is pretty stable. It hasn't diverged excessively from v3.0.x.

> if what you've done hasnt solved the issue then its likely to be another bug/issue
> with the new code

It is *NOT* a bug in the new code. This question has been asked *SEVERAL* times
on the list, and stack overflow.

> Unknown value 'ldap' for attribute 'Auth-Type'

The values for Auth-Type are determined by the Auth-Type {} sections.

If you have unknown value 'ldap', it means you are missing an Auth-Type ldap section.


authenticate {
	Auth-Type ldap {

Arran Cudbard-Bell <a.cudbardb at>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list