[RADIATOR] connection / protocol failures and policy bevavior (decouple LDAP2 from EAP?)
Christian Meutes
christian at errxtx.net
Wed Jan 9 04:03:02 UTC 2019
On Wed, Jan 9, 2019 at 3:01 AM Christian Meutes <christian at errxtx.net>
wrote:
> we are using EAP authentication (802.1x) inside of 'AuthBy LDAP2', and
> that surrounded by another 'AuthBy Group'.
>
EAP was meant to say EAP-TLS. The CN of the user's certificate is slightly
modified by RewriteUsername in the 'AuthBy Group' (which seems to mean that
the AuthBy Group is called twice), and then used as lookup attribute again
in the LDAP query.
--
Christian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20190109/968f08a9/attachment.html>
More information about the radiator
mailing list