Le mercredi 06 février 2008, Alan DeKok a écrit :
Thierry CHICH wrote:
However, it the accounting is always done with the outer identity
...
Login OK: [EMAIL PROTECTED]/] (from client
ap-rectorat02 port 0)
+- entering group post-auth
expand: %{request.User-Name
Le jeudi 07 février 2008, Alan DeKok a écrit :
Thierry CHICH wrote:
You are right. I think this typo is in the original file inner-tunnel
included in the distrib,
Yes, I've fixed it.
but it work better - but not as I want. Now, I have a good
Access-Accept packet, but it is seems
invalid
auth: Failed to validate the user.
At this point, I don't understand what freeradius want.
I don't know how to say : authorize on waht you want, I don't care, and
authenticate on my LDAP server.
Is it a good configuration sample I can find anywhere ?
Regards,
--
Thierry CHICH
-
List info
Le mercredi 06 février 2008, Alan DeKok a écrit :
Thierry CHICH wrote:
With the previous release of freeradius 1.1.7, I could do the following
things:
- people with a correct outer identity and inner identity
(login/password) could be authorized and authenticate on a LDAP server,
using
Le jeudi 31 janvier 2008, Sebastian Heil a écrit :
Le mercredi 30 janvier 2008, Sebastian Heil a écrit :
Sebastian Heil wrote:
...
i added the following lines to the ldap-section:
...
rlm_ldap: could not start TLS Can't contact LDAP server
It doesn't seem
William Bulley a écrit :
I swear this has worked for me in the past! Scenario:
+---+
| ThinkPad T42 with D-Link DWL-G660 |
| (ath0) on FreeBSD 6.2-STABLE |
| running wpa_supplicant 0.4.8 |
+---+
Le mercredi 30 janvier 2008, Sebastian Heil a écrit :
Sebastian Heil wrote:
...
i added the following lines to the ldap-section:
...
rlm_ldap: could not start TLS Can't contact LDAP server
It doesn't seem that your TLS is well initiated. I don't think it is an ldap
or
Le mercredi 23 janvier 2008, [EMAIL PROTECTED] a écrit :
this is the problem:
I need different kind of authentication against a Ldap dir, better with
the same username (userid,uid).
For instance, the mail attribute ? You just have to change the filter in the
ldap configuration
May i use
what people think they
are doing. This topic of the outer identity need to be clarified, I believe.
It would be very usefull to have a sample of configuration for which the
accounting is using the user-name provided by the inner identity.
Best regards,
--
Thierry CHICH
Equipe Réseaux
Sorry.
What I said is not related to the thread.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
must be a valid LDAP name. But I still can use an
arbitrary valid LDAP name.
In fact, the most important thing to me is that the accounting, and session
logger use the good name.
Is it a solution to my problem ?
Thx,
--
Thierry CHICH
Equipe Réseaux / Rectorat de Clermont-Ferrand
Tel: +33 4 73
Le mercredi 16 janvier 2008, Alan DeKok a écrit :
Thierry CHICH wrote:
I have an access-point, and I want use EAP/TTLS in order to authenticate
people on my LDAP server. The first time, I had then something like that:
...
in my intel proset, if I am giving a false identity in my roaming
12 matches
Mail list logo