Radius Server and Ldap Server

Mon Jan 13 16:48:04 CET 2014

You can.

Modify the ldap module and set “set_auth_type” = yes. This will set LDAP authentication if no other authentication type will accept your style of authentication, and then bind to LDAP using the username and password that has been passed to FreeRADIUS.

See http://wiki.freeradius.org/modules/Rlm_ldap for details. In order to use this style of authentication you MUST have PAP or EAP-TTLS/PAP, which I believe Alan Buxey has already made you set.

Stefan

From: freeradius-users-bounces+stefan.paetow=diamond.ac.uk at lists.freeradius.org [mailto:freeradius-users-bounces+stefan.paetow=diamond.ac.uk at lists.freeradius.org] On Behalf Of ???
Sent: 13 January 2014 14:17
To: FreeRadius users mailing list
Subject: RE: Radius Server and Ldap Server

I am not sure without ldap reply with a password(even plaintext password) can authentication be success?
Subject: Re: Radius Server and Ldap Server
From: a.cudbardb at freeradius.org<mailto:a.cudbardb at freeradius.org>
Date: Mon, 13 Jan 2014 11:20:05 +0000
To: freeradius-users at lists.freeradius.org<mailto:freeradius-users at lists.freeradius.org>

On 13 Jan 2014, at 10:47, 李亚坤 <liyakun127 at hotmail.com<mailto:liyakun127 at hotmail.com>> wrote:

>
> I have no right to change the setting of ldap server, and it will not reply me with a psssword. It only give me the accept message.

Then you can't do what you want.

You'll need to use TTLS-PAP or another EAP method that provides the plaintext password.

Arran Cudbard-Bell <a.cudbardb at freeradius.org<mailto:a.cudbardb at freeradius.org>>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140113/0803179f/attachment-0001.html>