Houston-III, Lester L wrote:
> Is there a way to truncate the UID used by the LDAP module? My system
> is using an UID structured like an email I would like to use everything
> in front of the ‘@’ as the UID. Is this possible?
Yes. See "realms"
Alan DeKok.
-
List info/subscribe/unsubscribe
Jóhann B. Guðmundsson wrote:
I was wondering what is the proper way to enable ldap attributes in
radius.conf
for example Ldap-Group
groupmembership_attribute = radiusGroupName
will then other ldap attributes be matched in the same way?
Ldap-Callingstationid
callingstationid_attribute = radi
Stefan Winter <[EMAIL PROTECTED]> wrote:
> I'm trying to retrieve some replyItems from an AD backend. It works fine as
> expected with most attributes, but there are some string attributes which
> contain spaces
Either put quotes around the string, or hack rlm_ldap to pull the
*entire* string fr
Joe H <[EMAIL PROTECTED]> wrote:
> Where else do I need to add the new attribute No-Pool in order for
> freeradius to use it?
raddb/dictionary See also "man dictionary"
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
clerc sylvain <[EMAIL PROTECTED]> wrote:
> In reality, I must link my freeradius server with an Active Directory
> and not a real ldap database and someone tells me that active
> directory understand only PEAP ( I believe it was in this mailing list
> but I don't remember exactly).
No. Active d
> > My server is running in PEAP mschapv2 and I've a problem when I want
> > to authenticate a user with a ldap database
>
> No, you don't. LDAP is NOT an authentication server.
I'm sorry the ldap database is linked to my freeradius (which is an
authentication server, isn't it?)
>
> > apparen
clerc sylvain <[EMAIL PROTECTED]> wrote:
> My server is running in PEAP mschapv2 and I've a problem when I want
> to authenticate a user with a ldap database
No, you don't. LDAP is NOT an authentication server.
> apparently, the ldap can't find the User-Name attribute Could it
> be because
Michael Mitchell <[EMAIL PROTECTED]> wrote:
> Running the server in DEBUG mode is one of the fastest ways of
> discovering what processing the server performs on the requests it
> receives...
It's also what the developers do. To put it another way:
The people who understand FreeRADIUS best A
On Mon, 14 Mar 2005, [iso-8859-1] Benoît Bianchi wrote:
> Im desperately trying to get LDAP attributes sent back to NAS without any
> success...
> I've add RADIUS-LDAPv3.schema to my LDAP schema, and set radiusClass
> attribute for my test user.
> I can do successful authentication but the value
Benoît Bianchi wrote:
As you suggest I have already search on the Web for an answer to my trouble,
anyway there wasn't...
I never told you to go away and search for the answer yourself... I told
you that if you run the server in DEBUG mode you'll see what it is
doing, and hopefully where the resu
ginal Message-
> From: [EMAIL PROTECTED] [mailto:freeradius-
> [EMAIL PROTECTED] On Behalf Of Michael Mitchell
> Sent: Monday, March 14, 2005 10:50 AM
> To: freeradius-users@lists.freeradius.org
> Subject: Re: LDAP attributes
>
> >
> > Please help ...
> >
>
Please help ...
As per the FAQ, README, various other documents, and many responses to
questions on this list, please run the server in debug mode (radiusd -X)
to see what it is doing, and why it is not doing what you expect. If you
still can't work it out, post the output back to the list and s
Hi
Did you uncomment ldap in the authorize and
authenticate section?
Do you really have an access_attr "dialupAccess" which is
TRUE or FALSE?
hth
peda
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Tariq Rashid <[EMAIL PROTECTED]> wrote:
> there is a difference - the Steel-Belted Radius server documentation
> explains it well and allow syou to make the choice:
The documentation allows you to make that choice because the code is
implemented in the server.
Are you willing to supply patche
On Mon, 15 Mar 2004, Tariq Rashid wrote:
>
> >> even my initial look at the ldap module was confusing as the exmaples
> simpy
> >> connect to the ldap server using the supplied usernamer and password.
> this
> >> is not what i want, i want to connect using a standard signle username
> and
> >> use
>> even my initial look at the ldap module was confusing as the exmaples
simpy
>> connect to the ldap server using the supplied usernamer and password.
this
>> is not what i want, i want to connect using a standard signle username
and
>> use the supplied User-Name to obtain various records...
>Th
On Mon, 15 Mar 2004, Tariq Rashid wrote:
>
> i've previously used radiator as it is simple to modify the check and reply
> items, especially when the check and reply items depend on some quite
> convoluted logic (the flowchart is not simple).
>
> having had an initial look at freeradius and the ld
Tariq Rashid <[EMAIL PROTECTED]> wrote:
> having had an initial look at freeradius and the ldap module - i am reaching
> the conclusion that the standard modules and freeradius are not suited to
> this task. for simple tasks such as always adding ldap attributes to reply
> packets then freeradius s
I've just had a look and the Steel Beelted Radius can do this.
"branching" is the term they use for the server doing different tests
depending on the existence/value of ldap values.
if anyone can point me to the appropriate freeradius documentation or
examples then I would be grateful.
tariq
19 matches
Mail list logo