Mike Richardson wrote: > I'd read that radtest didn't do EAP so I installed Xsupplicant and was using > that for tests. That seems to be a more realisic approach. If you think that > I can fix the problem by not attempting EAP and using radtest then that is > exactly what I shall do.
Yes. The problem has nothing to do with EAP. >>> rlm_ldap: Over-riding set_auth_type, as we're not listed in the >>> "authenticate" section. >> You were told to go fix this. Do it. Now > > I DID. I didn't think that posting the new radius config would be of use but > the section in authenticate is DEFINTIELY there and uncommented. Why this > message is appearing in the output is a mystery to me. How much of the default configuration file did you edit? Start with the *default* configuration, and make small changes from there. The default configuration *works*. If you've been trying to get this working for a long time, then either there's a major bug in the version you're using, *or*, you're not editing && testing the configuration in a systematic way. > I'm reading everything and following all the instructions to the letter. > Please don't take that sort of attitude. I've explained that I'm not so I'd > appreciate it if you'd do the same. My amazement is that it appears to be so hard to get this working. Honestly, the default configuration works in the widest possible set of circumstances. I can't tell you how many people just installed the server, un-commented the ldap config, pointed it to their local ldap server, tested with "radtest", and saw that it worked. It really *is* that easy. Try it. If it doesn't work for you, then there's something major going wrong. *That's* why configurations are tested in pieces. If plain PAP doesn't work when going to LDAP, then it's a complete and total waste of your time to install and configure an 802.1x supplicant. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
