rlm_ldap: ldap_search() failed: Operations error - advice please

Jacob Jarick mem.namefix at gmail.com
Thu Apr 19 09:36:13 CEST 2007

Freeradius 1.1.3 installed via YUM on Fedora (not suse :P)
radiusd.conf: http://pastebin.ca/447690
radiusd -X -A output: http://pastebin.ca/447693
domain: tfxschool.internal
ADS: tfxschoolfs01.tfxschool.internal

Hi again people,

I have been pouring through the oreillys LDAP book (quite informative
so far to btw). I got the example of using freeradius against the
linux passwd file working fine. I tried their Freeradius and OpenLDAP
(now I know ADS isnt OpenLDAP btw) and it fails with the following
message: rlm_ldap: ldap_search() failed: Operations error

Oriellys one reccomended for OpenLDAP (errors, possibly due to
incorrect syntax ?):
filter = "(&(objectclass=posixAccount)(uid=%{Stripped-User-Name:-%{User-Name}}))"

Default filter (Fails with same search error):
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"

Im wondering if it is perhaps my basedn ?, Im still getting used to
the idea of them,
the user jacob (me) resides in the ou people FYI.

basedn = "ou=people,dc=tfxschool,dc=internal"

Thats all my info atm, Im currently compiling a 1.1.6 rpm (after Alan
resolving my silly little mistake) and will test then report back as I
feel its more likely a config error than a bug :)

If some1 else has a working radius setup that auths againts AD using
LDAP would they mind sending me the ldap { } section, would be very
handy to compare my config to a working one.

Thanks all, keep up the good work.

More information about the Freeradius-Users mailing list