Dear freeradius-users,
I've succeeded in getting LDAP authz/authn working with MSCHAPv2 and
have been using it successfully for a few months now.
I would like to add a very simple user with only a Cleartext-Password to
the users file (this is strictly a FreeRADIUS user and in the interest
of security shouldn't be in LDAP). I would like both the users file and
LDAP to be queried for users, with a query falling through to the next
source if a particular user is not found. In other words, I would like
to be able to use *both* a users file *and* LDAP for auth.
I've added the following at the top of the users file, which has not
been modified otherwise from the sample that ships with 2.0.3.
someuser Cleartext-Password := "somepassword"
The authorize section of my default config (sans comments) looks like this.
authorize {
preprocess
chap
mschap
suffix
eap {
ok = return
}
files
ldap
expiration
logintime
pap
}
As you can see, "files" is there, so it would seem that (based on my
admittedly limited understanding of how FreeRADIUS is supposed to work)
the users file should be queried. Nevertheless, authentication is
failing and nothing is being logged apart from the following.
Login incorrect (rlm_ldap: User not found)
What could I be doing wrong?
--
Anthony Chavez http://hexadecagram.org/
mailto:[EMAIL PROTECTED] xmpp:[EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
