After searching the archives this question has been asked but I can find no
definitive answer.
Can radiator running on a "non" windows platform authenticate users against AD
using SSL and without proxying the requst to a windows based radius server?
Using the config examples located in the faq and ref man I am unable to get
this to work. Could someone who has successfully done this provide some
insight or config example?
<Handler Realm = myrealm.somewhere.com>
<AuthBy LDAP2>
UseSSL
# SSLVerify none
Host myad.myrealm.somewhere.com
AuthDN radiusbind
AuthPassword xxxxxxx
BaseDN cn=Users, dc=myrealm, dc=somewhere, dc=com
ServerChecksPassword
UsernameAttr cn
</AuthBy>
</Handler>
*** Received from 127.0.0.1 port 32948 ....
Code: Access-Request
Identifier: 88
Authentic: 1234567890123456
Attributes:
User-Name = "user at myrealm.somewhere.com"
Service-Type = Framed-User
NAS-IP-Address = 10.4.40.31
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password =
"<154><226>,<206><192>\<4><246><188>8<9><160><216>}x<153>"
Fri Dec 5 14:14:55 2003: DEBUG: Handling request with Handler 'Realm =
myrealm.somewhere.com'
Fri Dec 5 14:14:55 2003: DEBUG: Deleting session for
crb6x at hscs.virginia.edu, 10.4.40.31, 1234
Fri Dec 5 14:14:55 2003: DEBUG: Handling with Radius::AuthLDAP2:
Fri Dec 5 14:14:55 2003: INFO: Connecting to myad.myrealm.somewhere.com, port
636
Fri Dec 5 14:14:55 2003: ERR: Could not open LDAP connection to
myad.myrealm.somewhere.com, port 636. Backing off for 600 seconds.
Thanks,
--
Chuck
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.