Re: When to ldap?

2010-05-13 Thread Alan DeKok
Dean, Barry wrote: > The issue is that the self same configuration in FreeRADIUS 2.0.2 works! But > with 2.1.8 it fails. Yes... the behavior changed slightly in the past 2 years. Read raddb/modules/ldap in 2.1.8. Look for "auth_type". This is documented. > "FR 2.0.2 reports 'rad_check_pas

Re: When to ldap?

2010-05-13 Thread Dean, Barry
On 13 May 2010, at 10:15, Alan DeKok wrote: > Dean, Barry wrote: > ... >> [ldap] performing search in OU=UOL,DC=adserer,DC=liv,DC=ac,DC=uk, with >> filter (sAMAccountName=user) >> [ldap] looking for check items in directory... >> [ldap] looking for reply items in directory... >> WARNING: No "kn

Re: When to ldap?

2010-05-13 Thread Alan DeKok
Dean, Barry wrote: ... > [ldap] performing search in OU=UOL,DC=adserer,DC=liv,DC=ac,DC=uk, with > filter (sAMAccountName=user) > [ldap] looking for check items in directory... > [ldap] looking for reply items in directory... > WARNING: No "known good" password was found in LDAP. Are you sur

Re: When to ldap?

2010-05-13 Thread Alan DeKok
Dean, Barry wrote: ... > [ldap] performing search in OU=UOL,DC=adserer,DC=liv,DC=ac,DC=uk, with > filter (sAMAccountName=user) > [ldap] looking for check items in directory... > [ldap] looking for reply items in directory... > WARNING: No "known good" password was found in LDAP. Are you sure th

Re: When to ldap?

2010-05-13 Thread Dean, Barry
On 13 May 2010, at 06:54, Alan DeKok wrote: > Dean, Barry wrote: >> I am working on a new radius config and have been trying to avoid the lookup >> in LDAP I have been seeing for the outer identity. >> >> I have moved to 2.1.8 with the inner-tunnel virtual host enabled. >> >> I have an authori

Re: When to ldap?

2010-05-12 Thread Alan DeKok
Dean, Barry wrote: > I am working on a new radius config and have been trying to avoid the lookup > in LDAP I have been seeing for the outer identity. > > I have moved to 2.1.8 with the inner-tunnel virtual host enabled. > > I have an authorise section for the relevant virtual server that has:

When to ldap?

2010-05-12 Thread Dean, Barry
I am working on a new radius config and have been trying to avoid the lookup in LDAP I have been seeing for the outer identity. I have moved to 2.1.8 with the inner-tunnel virtual host enabled. I have an authorise section for the relevant virtual server that has: authorize {