OK - Updating to the latest CVS snapshot allowed me to use the := operator.
I can now
specify Auth-Type := Ldap in the SQL database, and it will actually work. :)
I'm THIS >< close to getting everything working. Here's the latest, and
hopefully, the
last issue I'm encountering.
The Authenticate section of my radiusd.conf specifies unix and ldap as the
authentication methods. When I try to log in using my LDAP test account, I get
the message
rlm_ldap: Attribute "Password" is required for authentication. Cannot use
"Stripped-User-Name".
I've tried using different filters, but I always get the same thing.
I read in the docs or the FAQ (I can't remember which) that the best thing
to do is
to use ldap in the Authorize section, have it bind as the user to confirm
the password,
and then use ldap in the Authenticate section - but if I put 'ldap' in the
Authorize section,
radiusd segfaults when I try to authenticate a user, whether or not that
user is in LDAP.
Here's the module config I have for rlm_ldap. Thanks for whatever help you
can offer.
ldap {
server = "ldap.nstc.com"
identity = "cn=myLdapRootDN,dc=jtnllc,dc=com"
password = myLdapRootPassword
basedn = "ou=Users,dc=jtnllc,dc=com"
filter = "(uid=%U)"
access_group = "ou=Users,dc=jtnllc,dc=com"
access_attr = "dialupUserName"
dictionary_mapping = ${raddbdir}/ldap.attrmap
timeout = 4
timelimit = 3
net_timeout = 1
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
