www.8950aaa.com Forum Index www.8950aaa.com
 8950 AAA Server Discussion Forums 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups 
 RegisterRegister   Log inLog in 

The time now is Sun Sep 05, 2010 2:18 am
All times are UTC - 7 (DST in action)		 View posts since last visit
View unanswered posts
 Forum index » Public Forums » PolicyFlow Discussion
LDAP policy flow
Post new topic   Reply to topic View previous topicView next topic
Page 1 of 1 [2 Posts]  
Author Message
bkilcoyne

Joined: 10 May 2010
Posts: 3
  LDAP policy flow
Does anyone have a functional example of using LDAP plug-in to authenticate a user against Active Directory??

I don't seem to be able to get it to function utilizing Policy Assistant or Policy Flow Editor. I do get the bind DN/pw to function and attached to the directory. But all the searches for the user account fail. Searching is done from ou=StartOfDomain,dc=mydomain,dc=com with the search scope set to SCOPE_SUB. This should find the users in any sub OU's. It works from all of my other LDAP devices with out issue.

Documentation is sketchy ... if would be awesome anyone could provide an example.

Thanks in advance.
BK

PostPosted: Fri May 21, 2010 1:09 pm
 View user's profile Send private message Send e-mail
 Back to top 
pedro

Joined: 10 Mar 2009
Posts: 10
 I suppose you're binding to the LDAP server with the user's credentials.
In that case, you (the RADIUS server) should have the user's password in clear text. That means:
- CHAP can't be used, if using PPP
- EAP-MD5, EAP-PEAP, etc can't be used, if using 802.1X

Besides, there are a couple of properties in the LDAP plug-in you might need to modify:
- BindTimeout, and put it to a low value.
- AuthFailureIsError=No, so that the plug-in exits with FAILURE in case the user's credentials are incorrect

PostPosted: Tue May 25, 2010 5:35 am
 View user's profile Send private message Send e-mail
 Back to top 
Display posts from previous:   Sort by:   
Page 1 of 1 [2 Posts]  
Post new topic   Reply to topic View previous topicView next topic
 Forum index » Public Forums » PolicyFlow Discussion
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

[ Time: 1.0881s ][ Queries: 22 (0.1058s) ][ Debug on ]