Konstantin KABASSANOV wrote: > Using PEAP/mschapv2 with openldap through freeradius, I'd like to know if > there is a way to allow all users in the authorize section of radiusd.conf > (without doing ldap requests) and make the ldap request only in the > authenticate section. It is useful for instance to avoid multiple ldap > requests during authorization process in particular when a number of > radius-request/challenges are exchanged between Access points and radius > server.
In 2.0.4, you can run the LDAP module only for the inner tunneled request. See raddb/sites-enabled/inner-tunnel. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html