authenticating against local LDAP and Jumpcloud LDAP
mwtzzz at gmail.com
Tue Feb 16 20:46:22 CET 2016
thanks for your reply. I've got a couple brief questions.
On Tue, Feb 16, 2016 at 6:18 AM, Alan DeKok <aland at deployingradius.com> wrote:
> That move doesn't do anything useful in your configuration.
It did strike me as odd, so that's good to know.
> Why not just configure LDAP directly in FreeRADIUS? The server has done LDAP for oh, 15 years now.
In fact I would like to do this. But I haven't gotten far enough into
the documentation to know how. Perhaps just uncommenting the ldap
lines in the authorize section is sufficient.
> Instead, figure out why the users are different. Read the debug output. Look at User-Names for local users, and for jump cloud users. Are they consistently different? How are they different?
There doesn't appear to be any difference, either is simply a basic
username like "test1" "test2". In the debug output they look like
User-Name = "test2"
Perhaps this is something REALMs would help distinguish? Looking
through inner-tunnel I see there is a suffix call that tries to
determine which realm is provided. In my case, the realm is null for
all users. If I were to create jumpcloud usernames with
user at something, what would the "suffix" routine do with it, and would
I be able to test for this in an if statement?
More information about the Freeradius-Users