default authentication via windows active directory LDAP instead of /users

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Tue Mar 7 17:11:10 CET 2017


Hi,

>    default behaviour.
>    so a configured LDAP in modules/ldap will always be queried first? or does
>    it depend on the placement of "DEFAULT Ldap-Group == " in the users file?

if you look at the config - by default, the 'default virtual server in sites-enabled,
the server goes through the authorize section first, if ldap is enabled in there,
then ldap may be used in the authenticate section - if its enabled - read the configuration file
ALL the info you need is actually written in there (unless you have removed it, of the package
maintainer has)

>    It can also be the firewall here which I have to figure out.
>    "radtest USERNAME PASSWORD localhost 0 testing123" still results in an
>    access-reject

<shrug> as already said, you are not providing information, the standard response of 'whats the output
of radiusd -X' is for the purpose of getting tha info...the server will be showing you exactly what
it does and why things are failing.

run in full debug...until you get things working.

alan


More information about the Freeradius-Users mailing list