You shouldn't have quotes around your username or domain. You should use
identity = cn=user,ou=people,dc=domain,dc=it
On 19/07/2013 7:05 PM, Marco Aresu marcoar...@gmail.com wrote:
Hi All,
i am new about FreeRadius. I am moving from Cisco ACS Tacacs to
FreeRadius. During LDAP configuration i
The ldap.attrmap syntax in FR2 was:
checkItem $GENERIC$ radiusCheckItem
replyItem $GENERIC$ radiusReplyItem
Basically the ldap attributes radiusCheckItem radiusReplyItem
contained FR attr/value pairs which were then added to the
On 12 Apr 2013, at 15:00, Nicholas Lemberger nick.lember...@lkfd.net wrote:
The ldap.attrmap syntax in FR2 was:
checkItem $GENERIC$ radiusCheckItem
replyItem $GENERIC$ radiusReplyItem
Basically the ldap attributes radiusCheckItem
On 12 Apr 2013, at 15:21, Arran Cudbard-Bell a.cudba...@freeradius.org wrote:
On 12 Apr 2013, at 15:00, Nicholas Lemberger nick.lember...@lkfd.net wrote:
The ldap.attrmap syntax in FR2 was:
checkItem $GENERIC$ radiusCheckItem
replyItem $GENERIC$
I've been puttering around with FR3 and haven't been able to figure
out how to set up a mapping from LDAP 'radiusReplyItem'
'radiusCheckItem' attributes to FR3 generic attributes.
I guess if it was useful we could add it back in, there's no real reason
not to.
Could you remind me what the
Marlos Alex wrote:
I'm in trouble and I think that freeradius is, can anyone help me, I
configured theldap group and created a wireless and want only
the users of this group to accessmy wifi network?
Examples of LDAP group checking are in the FAQ.
Alan DeKok.
-
List
The FAQ gives a *very* basic and less than complete example of using groups.
I found an old maillist entry that might be of help here. -
http://lists.freeradius.org/pipermail/freeradius-users/2007-June/019764.html
I'm trying to do something similar and I'm having trouble getting radius to
be
Hi,
I tried to compile FreeRADIUS with LDAP support however, rlm_ldap has
not been compiled.
Are libldap-2.4-2 libldap-dev not sufficent? Do I need to install OpenLDAP?
if you read the output of ./configure
eg
./confogure | grep WARN
you will see what LDAP stuff is required - openldap
On Thu, Dec 8, 2011 at 9:51 AM, Nick Khamis sym...@gmail.com wrote:
Hello Everyone,
I tried to compile FreeRADIUS with LDAP support however, rlm_ldap has
not been compiled.
Are libldap-2.4-2 libldap-dev not sufficent? Do I need to install OpenLDAP?
Try libldap2-dev. That's what on
Hello Everyone,
I do have libldap2-dev installed however, it seems like openldap in all it's
totality is needed?
Thanks in Advnace,
Nick.
On Thu, Dec 8, 2011 at 5:31 AM, Fajar A. Nugraha l...@fajar.net wrote:
On Thu, Dec 8, 2011 at 9:51 AM, Nick Khamis sym...@gmail.com wrote:
Hello Everyone,
On 12/08/2011 01:11 PM, Nick Khamis wrote:
Hello Everyone,
I do have libldap2-dev installed however, it seems like openldap in all it's
totality is needed?
What is needed will be listed in the output of configure. Also listed
will be where configure looked for the dependency. You should read
Thank you. I have tried those options, but they doesn't work for me.
The problem is that they configure freeradius to send TCP Keepalive
messages over the connection, but these packets are just TCP packets,
they don't content any ldap command, so openldap idle_timeout is still
applied.
--
Angel L. Mateo wrote:
Thank you. I have tried those options, but they doesn't work for me.
The problem is that they configure freeradius to send TCP Keepalive
messages over the connection, but these packets are just TCP packets,
they don't content any ldap command, so openldap idle_timeout
Angel L. Mateo wrote:
I have a freeradius 2.1.10 running in a ubuntu (10.04) server. My
users are in a ldap directory.
The problem I have is that openldap server has an idle timeout (if
there is more than this time with an idle connection, openldap closes
the connection). So I want
El 07/09/11 13:02, Alan DeKok escribió:
Angel L. Mateo wrote:
I have a freeradius 2.1.10 running in a ubuntu (10.04) server. My
users are in a ldap directory.
The problem I have is that openldap server has an idle timeout (if
there is more than this time with an idle connection,
Angel L. Mateo wrote:
I didn't find any 2.1.12 freeradius version (the latest version at
freeradius web is 2.1.11). In 2.1.11 (and 2.1.10) the options I have
found that could be related are:
2.1.12 will be released soon.
* ldap_connections_number: number of active ldap connections
Hi,
You can add NT / LM pairs to each LDAP user object. You must include the
samba.schema into the ldap server schemas.
Ex:
sambaNTPassword: CAF13D4F321E608B27FD75D2549BA53C
sambaLMPassword: 02D093CE93038E2FAAD3B435B51404EE
You can create these passwords using smbencrypt tool (deployed with
Daniel Gomes wrote:
I know this is a question which has been thoroughly asked and answered,
but after spending several days configuring, debugging, searching the
internet, rec-configuring, etc, I still can't get my freeradius server
to properly authenticate users (for a pptd server).
Go
Hey there,
first of all, thanks for all the tips!
Commenting them, in the order in which they came:
@peter lambrechtsen:
I actually had tried PAP before, but I gave up then because pptpd was
refusing clients without even consulting the RADIUS server... But I
noticed (a couple of minutes
Daniel Gomes wrote:
From the logs, and as I wrote on my initial cry for help, I could see
that the password wasn't being found, I just couldn't puzzle out why...
And yes, the users do have passwords on LDAP (we are using it to
authenticate many other applications), and as I wrote down, radtest
Wrong guess, i'ts OpenLDAP :)
Em 09-07-2010 13:04, Alan DeKok escreveu:
Daniel Gomes wrote:
From the logs, and as I wrote on my initial cry for help, I could see
that the password wasn't being found, I just couldn't puzzle out why...
And yes, the users do have passwords on LDAP (we are using
Daniel Gomes wrote:
Wrong guess, i'ts OpenLDAP :)
Then fix it so that it returns a password to FreeRADIUS.
It's an LDAP server. If it doesn't return a password when an LDAP
client queries it for a password, it's broken.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Well, as I mentioned (a couple of times now), the LDAP server was indeed
returning a password to FreeRADIUS, since radtest was always working
fine. So the problem wasn't in the LDAP server itself, because it does
return a password when an LDAP client queries it for a password (as I
also
Daniel Gomes wrote:
Well, as I mentioned (a couple of times now), the LDAP server was indeed
returning a password to FreeRADIUS, since radtest was always working
fine.
No, it wasn't returning a password to FreeRADIUS. Go *read* the debug
output. It will prove this.
When using PAP, the
Em 09-07-2010 13:59, Alan DeKok escreveu:
Daniel Gomes wrote:
Well, as I mentioned (a couple of times now), the LDAP server was indeed
returning a password to FreeRADIUS, since radtest was always working
fine.
No, it wasn't returning a password to FreeRADIUS. Go *read* the debug
Daniel Gomes wrote:
we are currently and successfully using it to
authenticate other services).\
Using PAP passwords.
Actually these application are probably just binding with the user's
credentials, but that's not relevant here.
sigh That's what I meant.
Well, it doesn't
Em 09-07-2010 17:12, Alan DeKok escreveu:
Daniel Gomes wrote:
we are currently and successfully using it to
authenticate other services).\
Using PAP passwords.
Actually these application are probably just binding with the user's
credentials, but that's not
Why not setup your NAS to use PAP, instead of MS-CHAP.
If you use MS-CHAP you will need to have NT Hash'es in your LDAP directory.
It would be far easier to have PAP authentication enabled on your NAS, then
it should work fine.
On Tue, Jul 6, 2010 at 3:59 AM, Daniel Gomes dgo...@ipfn.ist.utl.pt
You're password needs to be readable in cleartext by FR for anything other
than PAP to work.
That way FR can hash/encrypt the password out of LDAP on the server side and
compare against the hash it gets passed from the client.
On Sun, Oct 4, 2009 at 6:07 PM, Ryaz Khan rk...@ezesolve.com wrote:
I am glad to say that I was able to setup FreeRADIUS ver. 2.1.7 with LDAP
(slapd) authentication after a continuous research of a whole week. I can
authenticate user via LDAP but it only works for PAP, radtest tool works,
NTRadPing works but only when using PAP (un-checking CHAP).
If you have
I installed freeradius-server-2.1.6. It is related with a LDAP server.when
run radiusd -X
there is this error:
/usr/local/etc/raddb/modules/ldap[29]: Failed to link to module
'rlm_ldap':
/usr/lib/rlm_ldap.so: undefined symbol: librad_errstr
Is it needed to install freeradius-ldap or my
Yum install freeradius-ldap sends this needed too.
I installed freeradius-server-2.1.6. It is related with a LDAP server.when
run radiusd -X
there is this error:
/usr/local/etc/raddb/modules/ldap[29]: Failed to link to module
'rlm_ldap':
/usr/lib/rlm_ldap.so: undefined symbol:
Hi,
I installed freeradius-server-2.1.6. It is related with a LDAP server.when
run radiusd -X
there is this error:
/usr/local/etc/raddb/modules/ldap[29]: Failed to link to module 'rlm_ldap':
/usr/lib/rlm_ldap.so: undefined symbol: librad_errstr
Is it needed to install freeradius-ldap or
Yes but yum install version 1.1.3 and I want to use reply-name item that is
in version 2.1.6.
if you installed freeradius from YUM it looks like it didnt pull in
dependencies.
for LDAP functionality, you'll need to install openldap and
all of its dependencies.
if you built from source, you'll
Yes but yum install version 1.1.3 and I want to use reply-name item that
is
in version 2.1.6.
http://wiki.freeradius.org/Red_Hat_FAQ
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Christopher Sheldon wrote:
Does anyone else who subscribes to the list specifically read every
email Alan sends just to chuckle at him berating the poor, confused
people seeking help?
My unhelpful comments are directed at the people who don't read (a)
the documentation I already wrote, or
daverum...@boothcreek.com wrote:
So funny you say that, I was just talking about that with a co worker. I
almost find myself searching for his emails and thinking that poor person who
is looking for help.
Asking people to read the debug log, as suggested in the FAQ, README,
INSTALL, man
Alan often replies immediately with useful information, often for
questions which are constantly repeated. I'm personally impressed with
his tireless dedication, not only in being one of the primary help
desk roles but also in developing the software, both of which you're
getting for *free*. I
: freeradius 2.1.6 ldap + mschapv2 to authenticate
Alan often replies immediately with useful information, often for
questions which are constantly repeated. I'm personally impressed with
his tireless dedication, not only in being one of the primary help
desk roles but also in developing
jpablorp wrote:
I replace eap.conf with the Default eap.conf file
and this is my debug:
Where you have *deleted* the real cause of the error.
[peap] Had sent TLV failure. User was rejected earlier in this session.
Look EARLIER in the debug log for the failure. It's really not hard.
Thanks for your help.
I'm pretty new on freeradius. I've been read many how's to, but only in this
post I've discovered many things.
Alan DeKok-2 wrote:
jpablorp wrote:
I replace eap.conf with the Default eap.conf file
and this is my debug:
Where you have *deleted* the real cause
Does anyone else who subscribes to the list specifically read every
email Alan sends just to chuckle at him berating the poor, confused
people seeking help?
It's like reality TV. ;-)
Chris.
Alan DeKok wrote:
jpablorp wrote:
I replace eap.conf with the Default eap.conf file
and this
ReplyTo: FreeRadius users mailing list
Subject: Re: freeradius 2.1.6 ldap + mschapv2 to authenticate
Sent: Jun 24, 2009 5:36 PM
Does anyone else who subscribes to the list specifically read every
email Alan sends just to chuckle at him berating the poor, confused
people seeking help?
It's like
Of daverum...@boothcreek.com
Sent: Wednesday, June 24, 2009 7:56 PM
To: FreeRadius users mailing list
Subject: Re: freeradius 2.1.6 ldap + mschapv2 to authenticate
Chris,
So funny you say that, I was just talking about that with a co
worker. I almost find myself searching for his emails
I've trying to setup a freeradius 2.1.6 with Ldap and mschapv2 to
authenticate.
when I send test from my console, this works fine.
But when I try to connect.
I don't know what I'm missing.
here is my radiusd.conf:
Why did you find it necessary to butcher default configuration? Use
default
Thanks for your response.
Now I'm using the defaults files and configure the access in modules
(raddb/modules/ldap).
Now seems like the solution is closer,
When I test this appear in my server in debug mode:
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
Thanks for your response.
Now I'm using the defaults files and configure the access in modules
(raddb/modules/ldap).
Now seems like the solution is closer,
When I test this appear in my server in debug mode:
...
[eap] EAP NAK
[eap] NAK asked for unsupported type 25
[eap] No common EAP
Ivan Kalik wrote:
Have you done some strange things to eap.conf or are you using the default
one? Default configuration works.
I replace eap.conf with the Default eap.conf file
and this is my debug:
++[ldap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap]
[mschapv2] +- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Told to do MS-CHAPv2 for sminhas with NT-Password
[mschap] FAILED: No NT/LM-Password. Cannot perform
We use freeRadius v 1.1.6 and EAP-TTLS for our WiFi network.
FreeRadius uses LDAP for users autentication. It is querying LDAP
about inner identities and outer identities (anonymous usually).
Is there any way to stop freeRadius from querying LDAP about
outer identities?
Upgrade. In 2.x inner
Daniel Daza Muñoz wrote:
We use freeRadius v 1.1.6 and EAP-TTLS for our WiFi network.
FreeRadius uses LDAP for users autentication. It is querying LDAP
about inner identities and outer identities (anonymous usually).
Is there any way to stop freeRadius from querying LDAP about
outer
You don't need Auth-Type Accept (it will let people in even if the
password is wrong). Processing of the users file stops with the first
match without Fall-Trough.
Ivan Kalik
Kalik Informatika ISP
Dana 12/12/2008, Tim Gustafson t...@soe.ucsc.edu piše:
Add: DEFAULT Auth-Type := Reject
Add: DEFAULT Auth-Type := Reject
Awesome, that worked.
So, if I wanted to enable multiple LDAP groups, would this be the correct
syntax:
DEFAULT LDAP-Group == foo, Auth-Type := Accept
DEFAULT LDAP-Group == bar, Auth-Type := Accept
DEFAULT LDAP-Group == baz, Auth-Type := Accept
DEFAULT
In my users I have
DEFAULT LDAP-Group == foo
However, even with these configuration options set, anyone with a valid login
and password can authenticate right now. In my radiusd -X I see:
rlm_ldap: performing search in dc=blah, with filter ((cn=foo)(memberUid=test))
rlm_ldap: object not found
[EMAIL PROTECTED] wrote:
Trying to setup group membership filtering against LDAP group membership
for user authentication and authorization, seems that %{Ldap-UserDn} is
not correctly expanded (shown as blank) in my conf.
Does anyone experienced same problems or has any idea about what is
Thanks a lot, that was the point.
Pierre
[EMAIL PROTECTED] wrote:
Trying to setup group membership filtering against LDAP group membership
for user authentication and authorization, seems that %{Ldap-UserDn} is
not correctly expanded (shown as blank) in my conf.
Does anyone experienced
Mats Blomgren B wrote:
Today I check the etc/passwd for the usernames and passwords and
fetches the users default group from etc/passwd.
I'm not so sure...
#/usr/local/etc/raddb/users
DEFAULT Group == admin-network, Auth-Type = System
This checks /etc/groups, via the getgrent() call.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
satish patel wrote:
I am going to installed freeradius with ldap but my
problem is i m confused about ldap and chap i want impement VPDN and
users authenticate through ldap so CHAP will work or not how can i
configure ldif file for
Baptiste Delporte wrote:
Mon Feb 19 09:30:08 2007 : Error: rlm_mschap: Invalid LM-Password
Mon Feb 19 09:30:08 2007 : Error: rlm_mschap: Invalid NT-Password
That happens only when an LM-Password and NT-Password are added for
the user, AND where they're not the right format.
/Authentication
Sundaram Divya-QDIVYA1 wrote:
What I need to understand is how to integrate FreeRADIUS with
an LDAP Server without exposing the (crypted) password hashes.
Any pointers on what I need to do for that?
Bind as the LDAP user. PAP will work, nothing else will.
Alan DeKok.
--
-Message d'origine-
De :
[EMAIL PROTECTED]
radius.org
[mailto:[EMAIL PROTECTED]
sts.freeradius.org] De la part de Sundaram Divya-QDIVYA1
Envoyé : jeudi 30 novembre 2006 23:51
À : freeradius-users@lists.freeradius.org
Objet : FreeRadius and LDAP
We don't use openldap or
Good morning, I send this email because I don't found my error about freeradius + ldap. I thinhk, I have an error of the userPassword. You can see the output of radiusd -X : Thanks for your help. Faites de Yahoo! votre page d'accueil sur le web pour retrouver directement vos services
Phil Mayers wrote:
Christophe Gravier wrote:
My password are not stored in LDAP in clear text but hashed using SHA
algorythm, so this won't work ;-(
Ok, let's take a breath. First things first:
If your passwords are in SHA (which they are) your Radius server will
ONLY be able to
Christophe Gravier wrote:
Phil Mayers wrote:
Christophe Gravier wrote:
My password are not stored in LDAP in clear text but hashed using
SHA algorythm, so this won't work ;-(
Ok, let's take a breath. First things first:
If your passwords are in SHA (which they are) your Radius
Christophe Gravier wrote:
Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
rlm_ldap: Adding userPassword as User-Password, value { op=11
That's better.
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type LDAP
Yuck.
My quick answer is to
Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
rlm_ldap: Adding userPassword as User-Password, value { op=11
That's better.
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type LDAP
Yuck.
My quick answer is to edit rlm_ldap.c to have it *never* set
Phil Mayers wrote:
Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
rlm_ldap: Adding userPassword as User-Password, value { op=11
That's better.
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type LDAP
Yuck.
My quick answer is to edit
correct me...
Regards,
Edvin
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Christophe Gravier
Sent: Donnerstag, 15. Dezember 2005 16:05
To: FreeRadius users mailing list
Subject: Re: Freeradius and LDAP : to be continued
Phil Mayers wrote:
Alan DeKok
To: FreeRadius users mailing list
Subject: Re: Freeradius and LDAP : to be continued
Phil Mayers wrote:
Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
rlm_ldap: Adding userPassword as User-Password, value { op=11
That's better.
modcall: group authorize returns ok
opinion about
this on this list ;)
Kind regards,
Edvin
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Christophe Gravier
Sent: Donnerstag, 15. Dezember 2005 16:41
To: FreeRadius users mailing list
Subject: Re: Freeradius and LDAP : to be continued
Hello
rather confusing. I have to admit, I have never used chillispot, but I've
just visited their website and in FAQ I found Why should I use
CHAP-Challenge and CHAP-Password? so this makes me think that Chillispot
uses CHAP authorization. And when you use CHAP, you do NOT need LDAP as
;)
Kind regards,
Edvin
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Christophe Gravier
Sent: Donnerstag, 15. Dezember 2005 16:41
To: FreeRadius users mailing list
Subject: Re: Freeradius and LDAP : to be continued
Hello Edvin,
First, I received my
Hello
I have a chillispot that works with OpenLDAP
on a Debian box
here are the modifications in radiusd.conf I wrote
# Lightweight Directory Access Protocol (LDAP)
#
# This module definition allows you to use LDAP for
# authorization and authentication (Auth-Type :=
Frank Bonnet wrote:
Hello
I have a chillispot that works with OpenLDAP
on a Debian box
Strictly the same thing I want to achieve indeed ! ;-)
How are your password in your LDAP ? (clear ? hash form ?)
Moreover, except this configuration of the ldap remote server, what did
you put in
Christophe Gravier wrote:
My password are not stored in LDAP in clear text but hashed using SHA
algorythm, so this won't work ;-(
Ok, let's take a breath. First things first:
If your passwords are in SHA (which they are) your Radius server will
ONLY be able to answer PAP requests.
The
Christophe Gravier wrote:
My password are not stored in LDAP in clear text but hashed using SHA
algorythm, so this won't work ;-(
Ok, let's take a breath.
Yes, I agree, that's why I quit for today ;-)
First things first:
If your passwords are in SHA (which they are) your Radius server
Phil Mayers [EMAIL PROTECTED] wrote:
Ok, let's take a breath. First things first:
...
Could this be a Wiki page?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Christophe Gravier [EMAIL PROTECTED] wrote:
auth: type LDAP
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: Attribute User-Password is required for authentication.
Cannot use CHAP-Password.
You're
Alan DeKok wrote:
Christophe Gravier [EMAIL PROTECTED] wrote:
auth: type LDAP
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: Attribute User-Password is required for authentication.
Cannot use
Christophe Gravier [EMAIL PROTECTED]wrote:
Removing the ldap entry, radtest no longer works of course.
Did you put ldap in the authorize section? That would allow
radtest to work, as I said.
rlm_ldap: looking for check items in directory...
Can you say which LDAP server you're using?
Christophe Gravier [EMAIL PROTECTED]wrote:
Removing the ldap entry, radtest no longer works of course.
Did you put ldap in the authorize section? That would allow
radtest to work, as I said.
Yes, I did like we said:
- did put ldap (it was already indeed) in authorize section.
- did remove
Le 4 juil. 05 à 17:54, Alan DeKok a écrit :
Marc-Henri Boisis-delavaud [EMAIL PROTECTED]
wrote:
/opt/freeradius/distrib.freeradius-1.0.4/src/modules/rlm_ldap/
rlm_ldap.c:2181: undefined reference to `ldap_unbind_s'
Hmm... it looks like your version of OpenLDAP doesn't have the
Marc-Henri Boisis-Delavaud [EMAIL PROTECTED] wrote:
And what is the version of openldap recomended by freeradius ?
Most versions should work. My guess is that the LDAP libraries are
in a non-standard place, where your linker can't find them.
Alan DeKok.
-
List info/subscribe/unsubscribe?
Marc-Henri Boisis-delavaud [EMAIL PROTECTED] wrote:
/opt/freeradius/distrib.freeradius-1.0.4/src/modules/rlm_ldap/
rlm_ldap.c:2181: undefined reference to `ldap_unbind_s'
Hmm... it looks like your version of OpenLDAP doesn't have the
functions needed by FreeRADIUS. Or, the LDAP libraries
Alan DeKok wrote:
Marc-Henri Boisis-delavaud [EMAIL PROTECTED] wrote:
/opt/freeradius/distrib.freeradius-1.0.4/src/modules/rlm_ldap/
rlm_ldap.c:2181: undefined reference to `ldap_unbind_s'
Hmm... it looks like your version of OpenLDAP doesn't have the
functions
Frank Bonnet wrote:
I am setting up a chillispot server to manage our future WiFi network
and I wonder if the schemas given with the lastest freeradius
ditribution as it is marqued for LDAP-v3 are OK for LDAP-v2 ?
We actually use LDAP v2 ( openldap 2.0.27 ) as centralized
auth system and we do
Le Jeudi 21 Avril 2005 07:53, Frank Bonnet a écrit :
Hello
I'm new to the list :-)
I am setting up a chillispot server to manage our future WiFi network
and I wonder if the schemas given with the lastest freeradius
ditribution as it is marqued for LDAP-v3 are OK for LDAP-v2 ?
We actually
Thomas Simmons wrote:
passwords must be encrypted even when sent inside our LAN. I would like
to use mschap v2, but it seems that it will not work with LDAP, is this
correct? If I cannot use mschap v2, is there another way to encrypt the
passwords or use some sort of challenge authentication?
Thomas Simmons [EMAIL PROTECTED] wrote:
When using PAP, the password is sent in clear text.
Sent in what protocol? RADIUS does no such thing.
The password is sent through the VPN to the firewall, so it's never
exposed to the internet but passwords must be encrypted even when
sent inside
dbx is your friend...
But check to see that the ldap module actually built... unless you've
got things installed in the default places, it can take a little work to
get the ldap module to compile on Solaris...
José Berenguer wrote:
Hello!
We are trying to authenticate the last version of
PROTECTED]
[mailto:[EMAIL PROTECTED] De la
part de Michael Mitchell
Envoyé : vendredi 18 février 2005 13:30
À : freeradius-users@lists.freeradius.org
Objet : Re: FreeRadius with LDAP
dbx is your friend...
But check to see that the ldap module actually built... unless you've
got things
On Fri, 18 Feb 2005, E L wrote:
I'm new to LDAP and Freeradius.
I'm trying to find out if there is a way to configure Freeradius to get
information from the LDAP database and assign it to one of the radius
atributes(like Framed-IP-Address and Framed-IP-Netmask) for a uids that have
any of
You may want to read
http://www.linuxchange.com/opendocs/howto/authentication/radius/index.es.html
however it's on spanish
LD
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks Dustin. I'll give a try.
Thanks to Luis too, but unfortunately is don't speak Spanish.
Cris
_
Express yourself instantly with MSN Messenger! Download today it's FREE!
On Thu, 7 Oct 2004, Michael Benton wrote:
Hello,
FreeRadius 1.0.1
Linux RHES3.1
Does anyone know how to configure the FreeRadius server to to a LDAP query on a
Win2003 AD server, and to look at the whole AD tree
?
We have for some unknown reason, multiple OU's with users in each, rather
Ok Thor, I got a different email address cuz myway
stinks.
How do I verify my version of ppp, the rpm from
poptop's page, has radius plugin?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Because the radiusclient wasn't compiled in. Grrr.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
- Original Message -
From: John H.
To: [EMAIL PROTECTED]
Sent: Friday, August 27, 2004 7:45 AM
Subject: Re: freeradius+poptop+LDAP+Samba
John H. wrote:
Ok Thor, I got a different email address cuz myway
stinks.
Hey nice :)
How do I verify my version of ppp, the rpm from
poptop's page, has radius plugin?
find / -name radiusclient
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
-
radiusclient dir not found. I don't understand why,
though, I used the ppp straight from poptop's website.
--- Thor Spruyt [EMAIL PROTECTED] wrote:
John H. wrote:
Ok Thor, I got a different email address cuz myway
stinks.
Hey nice :)
How do I verify my version of ppp, the rpm from
Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
- Original Message -
From: John H.
To: [EMAIL PROTECTED]
Sent: Friday, August 27, 2004 7:45 AM
Subject: Re: freeradius+poptop+LDAP+Samba
And can you tell me why I have no radiusclient dir?
--- On Fri 08/27
1 - 100 of 115 matches
Mail list logo