Joerg Spatschil wrote: > I run FreeRADIUS Version 2.0.5, for host i686-pc-linux-gnu and testing > FreeRADIUS Version 2.1.3 both on gentoo systems, I want to peap > authenticate, authorize and set VLANs on a Cisco Cat 4500 according to a > ldap Attribute. ... > Adding the machine and user to users file > DEFAULT Auth-Type := EAP, User-Password == ""
Don't do this. (1) Setting Auth-Type is unnecessary and wrong. Delete it. (2) Setting User-Password == "" is unnecessary and wrong. Delete it. > u...@domain Auth-Type := EAP, User-Password == "" The same comments apply here. > Major problem in the debug: > new result: res_errno: 1, res_error: <000004DC: LdapErr: DSID-0C0906DD, > comment: In order to perform this operation a successful bind must be > completed on the connection., data 0, v1772>, res_matched: <> > read1msg: ld 0x81c1068 0 new referrals You will need to install version 2.1.6, and configure "chase_referrals" and "rebind" in the ldap module. See raddb/modules/ldap for more details. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
