Kyle Plimack wrote: > I’ve read a lot of threads and looked at the protocol / encryption > compatibility chart, but I’ve never seen someone say, “this is the > solution”.
1) get PAP working against LDAP 2) follow the EAP guide (deployingradius.com) to get EAP working 3) configure ldap in the "inner-tunnel" virtual server 4) LDAP + EAP will work. > An alternative I’m considering (I don’t know if its > possible), is having radius pass the authentication request to PAM. > Pam, on my radius server, is already connected to ldap, and should be > able to provide the same authentication. Is is possible, and if so how > should I do it? Don't. > Attached is the output from radiusd –X, can you help me determine why > authentication is failing, but authorization is passing? You missed step (3). > Can I > automatically authenticate once authorized? Why are they two different > processes? Because some people need them to be different processes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html