RE: LDAP authentication using Radius

["JET JETASIK" <jet@transniaga.co.th>]

Dan White wrote:
> On 08/15/12 00:21 +0700, JET JETASIK wrote:
> >I am investigating 2 factor authentication in which mostly they are
> >radius server actually.
> 
> Can you describe what kind of two factor authentication you are looking to
> support?

It is hardware(token) OTP, response only.

> >My problem is that most of my applications relying on LDAP auth only.
> 
> If you desire to support RADIUS authentication, with your authentication
> database stored within OpenLDAP, take a look at the FreeRADIUS ldap
> backend. 

Nope. The 2FA authentication server is Radius server and almost of my
applications right now is doing LDAP auth, cannot do Radius auth.
I am looking for LDAP with Radius backend or maybe LDAP proxy(auth) to
Radius backend...

> >I am trying to figure out on how to use
> >openldap/contrib/slapd-modules/passwd/radius.c
> >
> >I did compile and successfully loaded it but not sure how to configure
it.
> >
> >
> >
> >This is what I put into slapd.conf to load the module:
> >
> >moduleload pw-radius.so config="/etc/radius.conf"
> >
> >
> >
> >Firstly I couldn't figure out what exactly is the format of
> >/etc/radius.conf (Mandatory items: Radius server IP& Share Secret)
> >
> >Secondly the format of userpassword scheme, {RADIUS}XXXXYYY@ZZZ ??
> 
> I have not used the radius module, so I can't answer this question.
> 
> --
> Dan White
> 
> -----

--
JET JETASIK