LDAP Module : basedn empty -> error

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Nov 29 22:28:13 CET 2013


On 29 Nov 2013, at 17:31, Dominique Fournier <dominique.fournier at grenoble.cnrs.fr> wrote:

> Hi
> 
> I just try with a space in it and it doesn't work.
> I have the logs :
> [ldap-inner-tunnel] performing user authorization for richard.heral
> [ldap-inner-tunnel] 	expand: (mail=%{User-Name}) -> (mail=XXXX.fr)
> [ldap-inner-tunnel] 	expand:   ->
>  [ldap-inner-tunnel] ldap_get_conn: Checking Id: 0
>  [ldap-inner-tunnel] ldap_get_conn: Got Id: 0
>  [ldap-inner-tunnel] attempting LDAP reconnection
>  [ldap-inner-tunnel] (re)connect to ldaps://XXXXXfr:636, authentication 0
>  [ldap-inner-tunnel] bind as uid=XXXXX=fr/YYYY to ldaps://XXXXX.fr:636
>  [ldap-inner-tunnel] waiting for bind result ...
>  [ldap-inner-tunnel] Bind was successful
>  [ldap-inner-tunnel] performing search in  , with filter (mail=XXXX.fr)
>  [ldap-inner-tunnel] ldap_search() failed: Invalid DN syntax
> [ldap-inner-tunnel] search failed
>  [ldap-inner-tunnel] ldap_release_conn: Release Id: 0
> ++[ldap-inner-tunnel] returns fail
> 
> So there is no solution for me... except go to freeradius 3.
> 
> Do you think a patch can be processed to the 2.x branch without changing everything ?

Sure. Can you make sure this actually fixes it though. I'm not sure how libldap will deal with zero length basedn strings.

-Arran

-------------- next part --------------
A non-text attachment was scrubbed...
Name: rlm_ldap-2.x.x.patch
Type: application/octet-stream
Size: 2607 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131129/09eb2e88/attachment-0001.obj>
-------------- next part --------------


Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team



More information about the Freeradius-Users mailing list