Thanks so much Phil. I am using freeradius-1.0.4 I am going to install the latest version and will try your suggestion.
Thanks and Regards. Eric. --- Phil Mayers <[EMAIL PROTECTED]> wrote: > Eric Martell wrote: > > Hi, > > Is it possible to altogether avoid authenticate > > section and just do ldap lookups in the authorize > > section? > > > > authorize { > > ldap { > > notfound = reject > > } > > } > > > > The problem is in the authenticate section, radius > > gets the userDN from the authorize and tries to > "bind" > > ldap with password which we don't have. > > > > I also tried in users file > > Ldap-UserDN := `cn=Manager,dc=eng,dc=com/answer2` > > Assuming you are using a recent version of > FreeRadius, you can do one of > the following: > > modules { > ldap { > ... > set_auth_type = no > } > } > > authorize { > preprocess > ldap > pap > } > > authenticate { > Auth-Type PAP { > pap > } > } > > > ____________________________________________________________________________________ Be a better pen pal. Text or chat with friends inside Yahoo! Mail. See how. http://overview.mail.yahoo.com/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html