Novell has worked with the most recent release of freeradius to
include support for eDirectory. (Thank you, Novell.)
Up until now I've only been able to make freeradius work with
eDirectory over clear text ldap on TCP:389.
We really want to have freeradius connect via ldaps on TCP:636. I
have
freeradius 1.02 with edirectory in a
production environment. I'll post any gotchas to the list and help in
any way that I can.
Thanks,
Dennis
On Thu, 17 Feb 2005 08:58:44 -0600, Dennis Comeaux
[EMAIL PROTECTED] wrote:
Novell has worked with the most recent release of freeradius to
include
how it goes.
Dennis Comeaux [EMAIL PROTECTED]
That email address is valid until the spambots collect it.
This procedure has worked.
EDIRECTORY WITH FREERADIUS
Software you'll need:
1. ConsoleOne 1.36d.
2. freeradius 1.0.2.
3. Sun Java 1.5.0.01.
4. Novell's scrub utility for linux (removes
This line:
Login incorrect: [00-01-f4-ec-97-29/NOPASSWORD] (from client wapcor001 port
Seems to me to mean that the authenticating workstation lacks an
account in the users file.
Try adding the user id 00-01-f4-ec-97-29 with password NOPASSWORD to
the users file.
-
List
can get a copy of this document in OpenOffice format from me as
well. Just send me an email.
begin
eDirectory FreeRadius HowTO
Dennis Comeaux
Version 0.03
(Butchering of this Document is welcomed.)
(This document is NOT a replacement for Novell's documentation.)(This
document
Help!
Our security team wants radiusd running as a secure user. I've
attempted to run it as nobody by editing radiusd.conf but I get a
bunch of permission denied errors:
[EMAIL PROTECTED] etc]# /etc/init.d/radiusd start
Starting RADIUS server: Thu Mar 31 16:21:27 2005 : Info: Starting -
reading
Here's where I am now:
I have a user named radiusd in group radiusd.
I have tried chmod -R a+rwx /etc/raddb. I still get the
5968:error:0200100D:system library:fopen:Permission
Denied:bss_file.c:104:fopen('/etc/raddb/certs/demoCA/cacert.pem','r')
error.
ls -l on the cacert.pem file shows that
radiusd 7118 Mar 2 16:49 users
-rw---1 radiusd radiusd 7115 Mar 2 16:49 users~
-rw---1 radiusd radiusd 7267 Feb 28 10:40 x99.conf
-rw---1 radiusd radiusd 4165 Feb 28 10:40 x99passwd.sample
On Apr 1, 2005 4:00 PM, Dennis Comeaux [EMAIL PROTECTED] wrote
:[ OK ]
[EMAIL PROTECTED] run]# /etc/init.d/radiusd status
radiusd (pid 6239) is running...
[EMAIL PROTECTED] run]#
On Apr 1, 2005 4:02 PM, Dennis Comeaux [EMAIL PROTECTED] wrote:
Additionally - here's the ls -l on /etc/raddb:
[EMAIL PROTECTED] root]# ls -l /etc/raddb
total 460
-rw---1
Anyone have ideas on how to get freeradius to work with eDirectory when Disallow anonymous simple bind is turned on?
I am getting:
rlm_ldap: could not start TLS Inappropriate authentication
When I turn on this option. I've attempted to authenticate with
an ldap browser as well. The LDAP browser