[afnog] Cisco, Radius & LDAP Problem
Thato Molise
info at datacom.co.ls
Sat Apr 22 10:14:22 EAT 2006
Sorry for not replying in time, I was still struggling a bit. I am using
freeRADIUS but I disabled CHAP on the NAS only not on the Windows client.
ITS WORKING PERFECTLY now. Thanx a lot.
But I have a little problem again. Even when I have set the expiry dates for
the account my freeRADIUS still authenticates the user how can I make sure
that this doesnt happen!
regards,
T. Molise
Phone: (+266) 22312764/22317672/58850032/58997232
Fax: (+266) 22317672
Email: tmolise at datacom.co.ls
tmolise at motech.co.ls
info at datacom.co.ls
info at motech.co.ls
support at datacom.co.ls
support at motech.co.ls
----- Original Message -----
From: "Brian Candler" <B.Candler at pobox.com>
To: "Thato Molise" <info at datacom.co.ls>
Cc: <afnog at afnog.org>
Sent: Thursday, April 20, 2006 9:31 AM
Subject: Re: [afnog] Cisco, Radius & LDAP Problem
> On Thu, Apr 20, 2006 at 08:59:50AM +0200, Thato Molise wrote:
>> Oh, my LDAP version is openldap 2.0.27-17; Indeed I havent updated to a
>> newer version, can that be the problem too?
>
> Presumably that's OpenLDAP you're talking about.
>
> I don't think that's your problem, although that's pretty ancient code,
> and
> only supports LDAPv2 I believe. The upgrade to 2.2 or 2.3 might involve
> some
> pain, as it will reveal errors in your schema - OpenLDAP 2.0 was quite lax
> about schema checking. I'd build the newer LDAP server on a different box
> (or different port on the same box), export the data as LDIF, import it
> into
> the new one, and then make sure everything is working properly before
> switching over.
>
> What's your RADIUS server - FreeRADIUS?
>
> Have you tried what I suggested - i.e. taking one of your Windows clients
> and disabling CHAP on it, or disabling CHAP on the NAS?
>
> Brian.
More information about the afnog
mailing list