On Thu, Jun 24, 2010 at 11:21:47AM -0500, Raymond Norton wrote:
> I misunderstood the instructions. Made the change, and I see now that I  
> am at least connecting to the ldap server, but still getting rejected.
>
> [ldap] performing user authorization for billy
> ++[ldap] returns ok
> No authenticate method (Auth-Type) configuration found for the request:  

You use PAP, and have ldap in authorize, but not in authenticate. You likely
want the latter, too.

        authenticate {
                [...]
                Auth-Type LDAP {
                        ldap
                }
                [...]
        }

This will perform an authenticated bind on the LDAP server using the
supplied password, which is probably what you want.

> ldpasearch on remote ldap server:
> r...@relay-1:/etc/ldap# ldapsearch -x -b  uid=billy,ou=People,dc=lctn,dc=org

On that note, the above would be the equivalent of this:

ldapsearch -x -b ou=People,dc=lctn,dc=org -D uid=billy,ou=People,dc=lctn,dc=org 
-W

...and passing in the User-Password attribute value as the password.

-- 
     2. That which causes joy or happiness.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to