Receivin a full DN in a radius request
Jean-Francois Gobin
gobin at gobinjf.be
Mon Sep 12 10:57:07 CEST 2005
For now, the radius request is generated through "radtest".
--> Client :
[root at netlab01 root]# radtest "uid=P06227,ou=people,o=nrb,c=be" *******
localhost 0 ***********
Sending Access-Request of id 100 to 127.0.0.1:1812
User-Name = "uid=P06227,ou=people,o=nrb,c=be"
User-Password = "*****"
NAS-IP-Address = netlab01
NAS-Port = 0
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=100, length=20
--> Server
rlm_ldap: - authorize
rlm_ldap: performing user authorization for
uid=P06227,ou=people,o=nrb,c=be
radius_xlat: '(uid)'
radius_xlat: ' '
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in , with filter (uid)
rlm_ldap: ldap_search() failed: Bad search filter: (uid)
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns fail for request 1
modcall: group authorize returns fail for request 1
So, the error is between the radius receives the packet and the rtm_ldap
sends the packet to the server. It seems that "radius_xlat" truncates my
username.
On Mon, 12 Sep 2005, Nicolas Baradakis wrote:
> En réponse à Jean-Francois Gobin :
>
>> For now, I got a problem : radiusd strips everything after the first "=",
>> leaving me with a username of "uid" ...
>
> Where does the string come from? Is it truncated in the RADIUS packet
> or in the LDAP entry?
>
> --
> Nicolas Baradakis
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
----------
Jean-Francois Gobin - Administrateur gobinjf.be
http://www.gobinjf.be mailto:gobin at gobinjf.be
More information about the Freeradius-Users
mailing list