On Thu, Jun 24, 2010 at 11:21:47AM -0500, Raymond Norton wrote: > I misunderstood the instructions. Made the change, and I see now that I > am at least connecting to the ldap server, but still getting rejected. > > [ldap] performing user authorization for billy > ++[ldap] returns ok > No authenticate method (Auth-Type) configuration found for the request:
You use PAP, and have ldap in authorize, but not in authenticate. You likely want the latter, too. authenticate { [...] Auth-Type LDAP { ldap } [...] } This will perform an authenticated bind on the LDAP server using the supplied password, which is probably what you want. > ldpasearch on remote ldap server: > r...@relay-1:/etc/ldap# ldapsearch -x -b uid=billy,ou=People,dc=lctn,dc=org On that note, the above would be the equivalent of this: ldapsearch -x -b ou=People,dc=lctn,dc=org -D uid=billy,ou=People,dc=lctn,dc=org -W ...and passing in the User-Password attribute value as the password. -- 2. That which causes joy or happiness. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html