freeradius 3 ldap
Alan DeKok
aland at deployingradius.com
Fri Oct 25 14:39:18 CEST 2013
Davide Garofalo wrote:
> i've a big problem with the new module ldap.
It's a problem with active directory.
> when i perform a ldap request i've this error
> Fri Oct 25 14:16:30 2013 : ERROR: (0) ERROR: Failed performing search:
> Please set 'chase_referrals=yes' and 'rebind=yes'. See the ldap module
> configuration for details.
> Fri Oct 25 14:16:30 2013 : ERROR: (0) ERROR: Server said: 00000000:
> LdapErr: DSID-0C090627, comment: In order to perform this operation a
> successful bind must be completed on the connection., data 0, vece.
That would seem to be obvious. Do you have it configured to use the
correct credentials? Or, try using the global catalog server, instead
of a local AD server.
You might not know this, but AD isn't really an LDAP server. It
pretends to be one sometimes. But for critical issues... it's not.
DON'T do "-Xxxxxxx". It's pointless. "-X" is enough.
The debug log says:
> Fri Oct 25 11:57:16 2013 : Info: Invalid operator for item Ldap-Group:
reverting to '=='
Fix that. It won't solve the problem, but it will help.
Alan DeKok.
More information about the Freeradius-Users
mailing list