Alan DeKok wrote:
Florian Prester <[EMAIL PROTECTED]> wrote:
authorize: If I place the "users"-word before anything else, the
authorization should take place by the users-file, which means if an
user exists in the users-file it is authoized? correct?
It means that the "users" file is processed before anything else.
You don't need to move it, though. The default configuration works.
authenticate: If the password matches cleartext/crypt the users is
authenticated? correct?
Yes.
2.) If I try to uses PEAP and LDAP I need cleartext-passwords!? correct?
Or NT-Password.
Who can I control, which Password should be used?
If I add "ldap" after the "users"-wordin the authorize-section ldap
should only be used, if the user cannot be found in the users-file?
No. See doc/configurable_failover
If I add password_attribute = "sn" thr user is authenticated, if
the password-hash-challenge is matching the sn-hash-challenge, meaning
the sn-attribute is taken as password? correct?
Yes.
3.) What means the Groupe-authenticate/authorize if I am using ldap?
I'm not sure what you mean by that.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
--------------------------------------------------------------
Dipl. Inf. Florian Prester
Network Administration
Regionales RechenZentrum Erlangen
Universitaet Erlangen-Nuernberg
Germany
Tel.: +499131 8527813
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
