Trouble with group checking against Samba4
Arthur Ramsey
arthur_ramsey at mediture.com
Wed Oct 23 02:03:41 CEST 2013
I was trying to prevent it from using local users, but obviously that needs to be managed in the users file instead of my default site. You were right on the money. Thanks for catching my stupidity.
Thanks,
Arthur
----- Original Message -----
From: "Alan DeKok" <aland at deployingradius.com>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Tuesday, October 22, 2013 6:56:46 PM GMT -06:00 US/Canada Central
Subject: Re: Trouble with group checking against Samba4
Arthur Ramsey wrote:
> I'm having trouble getting group membership to work against Samba4
> (Active Directory). It doesn't appear to be running the search
> (&(objectClass=group)(member=%{control:Ldap-UserDn})).
Because you told it to ignore the "users" file.
> I've googled and found others with the same issue, but I don't see the
> same configuration mistakes that they had made.
>
> modules/ldap <http://pastebin.com/Bw5AUn89>
> users <http://pastebin.com/H44gW7uT>
Which says to do LDAP group checks.
> debug output <http://pastebin.com/YTFDTCy6>
Which says it's not using the "files" module.
i.e. it has been removed from raddb/sites-enabled/default.
Why?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list