sphaero wrote:
In a previous post PAP what password encryption is used? I managed to get
authentication working with a msssql backend however I need to force
Auth-Type := PAP. I read it's bad practice to force the Auth-Type so I was
wondering what I could do to let freeradius figure
try pap in the first place.
I need to work with the 1.1 serie since eventually I need to implement this
HP procurve agent for freeradius and I haven't found any support for 2.0
series yet.
Rg,
Arnaud Loonstra
--
View this message in context:
http://www.nabble.com/Why-do-I-need-to-force-Auth-Type
sphaero wrote:
Thanks for that Alan, that does work as well. However I still don'y know why
freeradius didn't try pap in the first place.
It did. Read the debug output.
I need to work with the 1.1 serie since eventually I need to implement this
HP procurve agent for freeradius and I
In a previous post PAP what password encryption is used? I managed to get
authentication working with a msssql backend however I need to force
Auth-Type := PAP. I read it's bad practice to force the Auth-Type so I was
wondering what I could do to let freeradius figure the authentication
itself
Markus Moeller wrote:
if (%{ldap: stuff... } == bar) {
...
I didn't know that is possible. Where is this documented ? I thought I
read all FAQ and documentations.
It's not really well documented, because it's not well tested. If it
works, great. If not...
The other questions I have is
OK I think I understand it now better. And I can do everything with unlang
and ldap and no files module as I didn't find a way to use control AV pairs
in the users file.
I do now in sites-enabled/default the following:
authorize {
auth_log
ldap
if (control:User-Location
Alan DeKok [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
That was the only way I could get it to work. If I use update control
anybody can login, whereas in my setup only a user who exits in ldap get
AUth-Type set to LDAP all other users have an empty value
Alan DeKok [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
I am new to freeradius and try to authenticate users with pam and
authorize
with ldap groups. I try to find a minimal configuration but have some
problems forcing the Auth-Type to be PAM.
You are
Markus Moeller wrote:
That was the only way I could get it to work. If I use update control
anybody can login, whereas in my setup only a user who exits in ldap get
AUth-Type set to LDAP all other users have an empty value and therefore
can not authenticate.
The LDAP module setting
with timestamp +3
Ready to process requests.
Only if I set set_auth_type = yes in radiusd.conf for ldap and change
authorize in default to:
Auth-Type LDAP {
pam
}
I get a successful login.
Is there any other way to force Auth-Type tp be PAM for all users ?
Is there also a way to disable
Markus Moeller wrote:
I am new to freeradius and try to authenticate users with pam and authorize
with ldap groups. I try to find a minimal configuration but have some
problems forcing the Auth-Type to be PAM.
You are aware that this will make EAP and many other authentication
methods
11 matches
Mail list logo
