On Fri, 31 May 2002 15:48:58 -0400 "Alan DeKok" <[EMAIL PROTECTED]> wrote: > > > What do I need to change to get Freeradius to work with > > remoteUsers instead of posixAccounts? Am I on the > right > > path? And thinkiig a little further ahead - is > Freeradius > > going to pull the proper attributes from the LDAP > server to > > forward to the NAS? > > If you configure the queries correctly, then I *think* > so, but I'm > not an ldap expert. >
Yep, The query (&(Objectclass=remoteUser)(uid=%u)) worked fine. I just needed to remap the ldap.attrmap file to use the attributes for remoteUser. > You can also set it up to NOT bind to the ldap server > for user > authentication. In that case, just store the password in > the ldap > database, and use another RADIUS module to do the > verification. > Yes - This helped immensely. It started correctly verifying the user as soon as I removed "Auth-Type := LDAP" Thank you for your help! I've still got a couple problems getting PAP/CHAP to work at the same time, and getting the realm stripped. I haven't given up yet, but you might hear back from me shortly. Dave Vondracek CTO, IntNet [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
