ntication tool that returns 0 or 1 depending on
the correctness of a password. This is an authorization question - what
kind of access will the authenticated user be given?
> -Original Message-
> From: Jason Alderfer [mailto:j...@emu.edu]
> Sent: Monday, August 24, 2009 2:10 PM
> Where coudl I put this code Authorize, autenticate, postatuh, ldap module?
Authorize
>>> So, I'm trying to use 802.1x dynamic VLAN assignment. I have this
>>> working when I conf the "users" file. However, I don't want to
>>> create/maintain the users file for 2,000 users!
>>>
>>> Is there
> So, I'm trying to use 802.1x dynamic VLAN assignment. I have this
> working when I conf the "users" file. However, I don't want to
> create/maintain the users file for 2,000 users!
>
> Is there an attribute in AD / LDAP I can use for the dynamic VLAN?
> Ideally I could do this at the "Group" l
Use the script command.
man script
> How can I get the log or the out of it? It is so long that the terminal
> doesn't allow me to scroll all the way back to the top. Is there a log? I
> found radius.log, but it had nothing. Is there a command to generate the
> log? Thanks. I know I am close he
> Jason Alderfer wrote:
>> I would like to convert the following users file entry to unlang code in
>> 2.0.4.
>>
>> DEFAULT Ldap-Group == "cn=not_student,ou=n,o=emu"
>> Tunnel-Type = "VLAN",
>> Tunnel-Medium-Type = "I
Hi all,
I would like to convert the following users file entry to unlang code in
2.0.4.
DEFAULT Ldap-Group == "cn=not_student,ou=n,o=emu"
Tunnel-Type = "VLAN",
Tunnel-Medium-Type = "IEEE-802",
Tunnel-Private-Group-Id = 6
But after reading the unlang man page and trying it
> Hi Jason,
> with the answer from Alan we have found the dn-information in the control
> item. You must use %{control:Ldap-UserDn} instead of %{Ldap-UserDn}
Perfect. Unlang works now. Thanks.
However, there is still the problem with postauth.
>> the function ldap_postauth in rlm_ldap.c still
> Jason Alderfer wrote:
>> I'm testing upgrading to 2.0.3 from 1.1.7 and it appears that the LDAP
>> module in 2.0.3 is not setting the Ldap-UserDn in a way that is
>> available
>> for further analysis.
>
> It's now in the "control" item
Hello,
I'm testing upgrading to 2.0.3 from 1.1.7 and it appears that the LDAP
module in 2.0.3 is not setting the Ldap-UserDn in a way that is available
for further analysis. The problem shows up when using
"edir_account_policy_check = yes" and PEAP. This is the error from the
debug output.
+- e
It appears that the LDAP module in 2.0.3 is not setting the Ldap-UserDn in
a way that is available for further analysis. The problem shows up when
using "edir_account_policy_check = yes" and also when evaluating
Ldap-UserDn with unlang or from other modules as described below in my
previous post.
I'm testing upgrading from 1.1.7 to 2.0.3 and have run into a problem with
the LDAP module. The problem appears in 2 places. First, I'm using the
--with-edir option so I have
password_attribute = nspmPassword
and
edir_account_policy_check = yes
set. However, in 2.0.3, when I set "edir_accoun
11 matches
Mail list logo