Trying to integrate with LDAP
fernando.sg1 at gmail.com
fernando.sg1 at gmail.com
Thu Mar 14 18:20:07 CET 2013
i put on LDAP (/module)
password_attribute = userPassword
and now works fine... almost :S
he only works with plaintext password, how i change that to use MD5
passwords?
2013/3/14 <fernando.sg1 at gmail.com>
> im using openLDAP on ubunto 12.04 LTS
> i'll look the PDF, but if you can help in my last e-mail.
> thanks ;)
>
>
> 2013/3/14 Danny Kurniawan <danny.kurniawan at fairchildsemi.com>
>
>> I'm not sure if you are using Novell product or open ldap, but you can
>> see the basic information on how to integrate with LDAP here
>>
>>
>> https://www.netiq.com/documentation/edir_radius/pdfdoc/radiusadmin/radiusadmin.pdf
>>
>> -Danny
>>
>> On Thu, Mar 14, 2013 at 11:41 AM, Arran Cudbard-Bell <
>> a.cudbardb at freeradius.org> wrote:
>>
>>>
>>> On 13 Mar 2013, at 22:03, fernando.sg1 at gmail.com wrote:
>>>
>>> > now at the PC, i can write better:
>>> >
>>> > 1st: shout i uncoment this 2 lines on /modules/ldap
>>> > # identity = "cn=admin,dc=xxxxx,dc=edu,dc=br"
>>> > # password = "123abc"
>>> > ?
>>>
>>> Um yes if you need to do an authenticated bind to search in the
>>> directory.
>>>
>>> >
>>> > i tryed both configs with ou=People or without and dont work.
>>> >
>>> >
>>> > uncomenting the 2 lines i get this on freeradius -X:
>>> >
>>> > [ldap] performing user authorization for user1
>>> > [ldap] WARNING: Deprecated conditional expansion ":-". See "man
>>> unlang" for details
>>> > [ldap] ... expanding second conditional
>>> > [ldap] expand: %{User-Name} -> user1
>>> > [ldap] expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=user1)
>>> > [ldap] expand: ou=People,dc=xxxx,dc=edu,dc=br ->
>>> ou=People,dc=xxxxxx,dc=edu,dc=br
>>> > [ldap] ldap_get_conn: Checking Id: 0
>>> > [ldap] ldap_get_conn: Got Id: 0
>>> > [ldap] attempting LDAP reconnection
>>> > [ldap] (re)connect to 200.131.96.47:389, authentication 0
>>> > [ldap] bind as cn=admin,dc=xxxxxx,dc=edu,dc=br/123abc to
>>> 200.131.96.47:389
>>> > [ldap] waiting for bind result ...
>>> > [ldap] Bind was successful
>>> > [ldap] performing search in ou=People,dc=xxxxx,dc=edu,dc=br, with
>>> filter (uid=user1)
>>> > [ldap] checking if remote access for user1 is allowed by uid
>>> > [ldap] No default NMAS login sequence
>>> > [ldap] looking for check items in directory...
>>> > [ldap] userPassword -> Password-With-Header ==
>>> "{MD5}ICy5YqxZB1uWSwcVLSNLcA=="
>>> > [ldap] looking for reply items in directory...
>>> > [ldap] Setting Auth-Type = LDAP
>>> > [ldap] user user1 authorized to use remote access
>>> >
>>>
>>> Which seems to be correct?
>>>
>>> -Arran
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>
>>
>>
>> --
>> Best Regards,
>> Danny
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130314/ccc8a78d/attachment.html>
More information about the Freeradius-Users
mailing list