LDAP Groups to Freeradius and then Ruckus Wireless?

Fajar A. Nugraha list at fajar.net
Mon Jun 9 10:46:43 CEST 2014

On Mon, Jun 9, 2014 at 3:27 PM, Enrique Sainz Baixauli
<enriquesainz.beca at intef.educacion.es> wrote:
>>>> If you upgrade to v3.0.x HEAD it can be made even simpler.
>>> Well, thanks, but that's way too bleeding edge for this purpose :).
>>> Remember I was supposed to stick to stable software - ie v2.x.x
>>> Anyway, If I have time I will test it just to let you know. When is
>>> that feature expected to be released? I guess it's not 3.0.4, since
>>> it's already RC...
>>No, it'll be 3.0.4 it's in 3.0.4rc1.
> Ok, then I'll try it when 3.0.4 is ready :)
> In the meantime, I am trying to configure EAP-TLS for a more secure
> authentication based on client certificates. I generated a CA certificate
> and used it to sign server and client certificates, which I installed where
> I needed. However, trying to associate a W7 machine to the AP resulted in
> freeradius segfaulting:
> (5) # executing section post-auth from file
> /etc/freeradius/sites-enabled/default
> (5) cache: [... creating cache entry ...]
> (5) [cache] = updated
> (5) foreach &control:LDAP-Group
> (5)   update reply {
> Segmentation fault
> In update reply {} there is only one line of code:
> &Ruckus-User-Groups += "%{Foreach-Variable-0}"
> And the call to the cache module was the only previous uncommented line in
> post-auth. So I'm quite clueless about where the segfault comes from, since
> that same line worked perfectly with MSCHAPv2 inside of PEAP... If you need
> any more debug output feel free to ask :)

I'm guessing you'd need to follow
or http://lists.freeradius.org/pipermail/freeradius-devel/2014-January/009084.html


More information about the Freeradius-Users mailing list