Auth-Type := ldap

ST Wong (ITSC) ST at itsc.cuhk.edu.hk
Tue Jul 21 13:04:21 CEST 2015


Hi all,

We're using freeradius 3.0.4-6.el7 on RHEL 7, using LDAP authentication.  The server is setup and running without problem.
However, I got error when running radwho:

-------------- cut here --------------------
]# radwho
Tue Jul 21 18:58:16 2015 : Error: /etc/raddb/sites-enabled/default[384]: Parse error in condition
Tue Jul 21 18:58:16 2015 : Error:         if ((ok || updated) && User-Password) {
Tue Jul 21 18:58:16 2015 : Error:                               ^ Expected a module return code
radwho: Error reading or parsing radiusd.conf
-------------- cut here --------------------

I modified /etc/raddb/sites-enabled/default as following as mods-available/ldap mentioned:

-------------- mods-available/ldap  --------------------

       #  Note: set_auth_type was removed in v3.x.x
        #  Equivalent functionality can be achieved by adding the following
        #  stanza to the authorize {} section of your virtual server.
        #
        #    ldap
        #    if ((ok || updated) && User-Password) {
        #        update {
        #            control:Auth-Type := ldap
        #        }
        #    }
-------------- cut here --------------------


-------------- /etc/raddb/sites-enabled/default --------------------
        #
        #  The ldap module reads passwords from the LDAP database.
#       -ldap
        ldap
        if ((ok || updated) && User-Password) {
            update {
                control:Auth-Type := ldap
            }
        }
-------------- cut here --------------------

Did I miss anything?
Besides, I'm new to freeradius 3.x and can't find doc about the meaning of the minus sign before module (e.g. "-ldap").  Would anyone please help?

Thanks a lot.
Regards,
/ST Wong





More information about the Freeradius-Users mailing list