Eric Martell wrote:
Hi,
Is it possible to altogether avoid authenticate
section and just do ldap lookups in the authorize
section?
authorize {
ldap {
notfound = reject
}
}
The problem is in the authenticate section, radius
gets the userDN from the authorize and tries to "bind"
ldap with password which we don't have.
I also tried in users file
Ldap-UserDN := `cn=Manager,dc=eng,dc=com/answer2`
Assuming you are using a recent version of FreeRadius, you can do one of
the following:
modules {
ldap {
...
set_auth_type = no
}
}
authorize {
preprocess
ldap
pap
}
authenticate {
Auth-Type PAP {
pap
}
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html