authenticating against local LDAP and Jumpcloud LDAP

Michael Martinez mwtzzz at gmail.com
Tue Feb 16 20:46:22 CET 2016


Alan,
thanks for your reply. I've got a couple brief questions.

On Tue, Feb 16, 2016 at 6:18 AM, Alan DeKok <aland at deployingradius.com> wrote:
>
>
>   That move doesn't do anything useful in your configuration.
>
It did strike me as odd, so that's good to know.

>
>   Why not just configure LDAP directly in FreeRADIUS?  The server has done LDAP for oh, 15 years now.

In fact I would like to do this. But I haven't gotten far enough into
the documentation to know how. Perhaps just uncommenting the ldap
lines in the authorize section is sufficient.

>
>   Instead, figure out why the users are different.  Read the debug output.  Look at User-Names for local users, and for jump cloud users.  Are they consistently different?  How are they different?

There doesn't appear to be any difference, either is simply a basic
username like "test1" "test2". In the debug output they look like
this:
 User-Name = "test2"

Perhaps this is something REALMs would help distinguish? Looking
through inner-tunnel I see there is a suffix call that tries to
determine which realm is provided. In my case, the realm is null for
all users. If I were to create jumpcloud usernames with
user at something, what would the "suffix" routine do with it, and would
I be able to test for this in an if statement?

Thanks!
---
Michael Martinez
http://www.michael--martinez.com


More information about the Freeradius-Users mailing list