My problem is the ldap password retrieved from the windows client is
not being sent to the ldap server.
So I get that error when trying to login.
I have added
checkItem userPassword User-Password
but it still complains of the same error.
The weird thing is It was working fine friday.
Jacob Jarick wrote:
> My problem is the ldap password retrieved from the windows client is
> not being sent to the ldap server.
The problem is that you have configured "Auth-Type := LDAP", and then
sent the server an 802.1x authentication request. Do NOT set Auth-Type =
LDAP. This is repeated a
Thanks again Alan,
For reference the oriellys LDAP book instructs you to set "Auth-Type
:= LDAP" so thats where I got the bad reference (perhaps other people
to).
Now lets see if I understood the tables correctly.
PAP is the only method that will support LDAP bind as user ?
I should comment out
Jacob Jarick wrote:
> Thanks again Alan,
> For reference the oriellys LDAP book instructs you to set "Auth-Type
> := LDAP" so thats where I got the bad reference (perhaps other people
> to).
Yes. There is a LOT of documentation (web pages, etc.) that say to do
the wrong thing. It's unfortunate
Forgive the newbie questions but I think its best to clear up confusion.
client -> cisco -> FR server = eap
FR -> ADS 2003 = pap
Is that correct or am I way off track.
On 4/23/07, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Jacob Jarick wrote:
> > Thanks again Alan,
> > For reference the oriellys L
So the big question is, what Auth-Type do I use ?
If LDAP is not permitted (still confuses me as I only need / want
radius to authenticate against LDAP) what Auth-Type do I set in the
users file so that Wireless users can authenticate using their ADS
username and passwords.
On 4/23/07, Jacob Jari
Alan,
my test pc only supports PEAP over wireless and setup has to be wireless.
Removing "ldap" from the "authenticate" section causes an EAP error,
so I guess there is more configuration than simply removing /
commenting that section out.
I dont know how to not bind as a user when using FR + LD
Jacob Jarick wrote:
> So the big question is, what Auth-Type do I use ?
You have been told that you should not set it. That means "You should
not set it". It does not mean "use another value".
> If LDAP is not permitted (still confuses me as I only need / want
> radius to authenticate against
Alan,
I try to understand I can only get answers from you guys when
available so yes I do go off and try random howtos (literally anything
I can find) I the hopes I learn a bit more.
But yes, I am now 100% clear on not setting Auth-Type.
Thanks again Alan.
On 4/24/07, Alan DeKok <[EMAIL PROTECTE
9 matches
Mail list logo
