group authorization
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Sat Mar 29 21:17:46 CET 2014
On 29 Mar 2014, at 19:53, Brendan Kearney <bpk678 at gmail.com> wrote:
> resending. rejected because of size. previously attached screenshot
> moved to imgur. http://imgur.com/MvEuJXb
>
> On Sat, 2014-03-29 at 11:07 -0400, Brendan Kearney wrote:
>> Reran this test, with a packet capture running to validate the returned
>> data from my directory.
>>
>> As expected, the authN works but the authZ fails. the uid is being
>> populated with the username and not the DN. The problem is that the
>> directory is replying with a successful lookup, and is giving back the
>> DN of my id. See attached screenshot of the packet capture. the blue
>> highlighted lines indicate the reply from the directory with the DN.
>>
>> where do i continue looking for the reason why the DN is not being
>> populated as the value to the variable "control:Ldap-UserDn"?
Honestly, just move to 3.0.2. The LDAP code in v2.x.x looked like an
incontinent Chihuahua or other small kickable type dog, had dragged
it's way across a source file.
It got rewritten twice, once by Alan to get the code into something
understandable by humans, and then once again by me to get rid of all
the weird legacy crap like the attrmap file.
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/mailman/private/freeradius-users/attachments/20140329/a7bb4999/attachment-0001.pgp>
More information about the Freeradius-Users
mailing list