Different LDAPs for different realms

Šerých Jakub Serych at panska.cz
Wed Jun 10 09:46:08 CEST 2015


Dear freeradius group,
I'm sorry for such a newbie question, but I'm little bit lost in the freeradius configuration files structure. 

I have freeradius 3.0.9 running on Debian 8 in the eduroam network. I need to authenticate users of my organization realms on my server using LDAP (I have 2 realms with sepparate LDAP servers (on MS active directory controllers)). All other realms I need to send to national eduroam radius server by the radsec channel. 
At the moment my configuration works with the users added to "users" file.

But when I tried to configure LDAP authentication using tutorials found on the Internet:
- specification of LDAP server access in the modules-enabled/ldap
- switching the ldap authentication in the sites-enabled/inner-tunnel
authorize {
  .
  ldap
  .
}
.
authenticate {
  .
  Auth-Type LDAP {
    ldap
  }
  .
}

it tries to LDAP authenticate all the users with any realm, not only my internal realms. 

Could anybody send me some example configuration files for such situation or reference to some tutorial solving it?

Thanks in advance for any info

Jakub




More information about the Freeradius-Users mailing list