Thanks , I am trying to MSCHAPv2 (TTLS or PEAP ) or GTC with LDAP I see that rlm_ldap.c will set Auth-Type as ldap based on set_auth_type =yes and 3 other flags, tried but it didn't worked , I will try from scratch
On Wed, Apr 17, 2013 at 6:24 PM, Olivier Beytrison <[email protected]>wrote: > On 17.04.2013 14:32, Chitrang Srivastava wrote: > > I am using LDAP server as datasource > > Attaching logs > > > > You're doing PAP against LDAP. > > This is the ONLY situation where Auth-Type should be set to ldap > > looking at modules/ldap, we have > > # > # By default, if the packet contains a User-Password, > # and no other module is configured to handle the > # authentication, the LDAP module sets itself to do > # LDAP bind for authentication. > # > # THIS WILL ONLY WORK FOR PAP AUTHENTICATION. > # > # THIS WILL NOT WORK FOR CHAP, MS-CHAP, or 802.1x (EAP). > # > # You can disable this behavior by setting the following > # configuration entry to "no". > # > # allowed values: {no, yes} > # set_auth_type = yes > > So freeradious *should* set auth-type to LDAP. > We *should* see a "Setting Auth-Type = ldap" in the debug. > Yet it don't do it. > > You messed the default *working* configuration provided with freeradius. > There's a lot of stuff in your config that are just useless. > > Again, start with the default, working config, then change one thing > after another. What you are trying to do works with the default > configuration shipped with Freeradius. > > Olivier > -- > > Olivier Beytrison > Network & Security Engineer, HES-SO Fribourg > Mail: [email protected] > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
