LDAP/AD and multiple OU's
Justin Steward
althalus87 at gmail.com
Tue Sep 15 15:13:25 CEST 2009
On Tue, Sep 15, 2009 at 11:00 PM, Danner, Mearl <jmdanner at samford.edu> wrote:
> The default LDAP search in freeradius is sub (search all subcontainers from supplied root DN).
>
Many thanks.
> As to using UID:
>
> You'll need to search sAMAccountName in AD to insure that the name is unique.
>
> I don't believe that uid has guaranteed uniqueness. Evidently your implementation does not have unique uids.
>
> http://msdn.microsoft.com/en-us/library/ms680508%28VS.85%29.aspx
>
> Note that it's not single-valued. Whereas:
>
> http://msdn.microsoft.com/en-us/library/ms679635%28VS.85%29.aspx sAMAccountName is. Also it's indexed. Search's will be faster.
Ah, great. Thank you. Will test that out tomorrow.
Thanks,
Justin
More information about the Freeradius-Users
mailing list