LDAP + SASL Freeradius 3.0.11

Danner, Mearl jmdanner at samford.edu
Fri May 6 02:46:25 CEST 2016


Sometimes cn is not equal to samaccountname.

In ad cn is a multivalued attribute. Make sure that the user only has one value in cn and use that value.

Sent from my Android phone using Symantec TouchDown (www.symantec.com)

-----Original Message-----
From: Matthew Beckler [mbeckler at overturecenter.org]
Received: Thursday, 05 May 2016, 7:42PM
To: freeradius-users at lists.freeradius.org [freeradius-users at lists.freeradius.org]
Subject: RE: LDAP + SASL Freeradius 3.0.11

Date: Thu, 5 May 2016 21:20:37 +0000
From: "Danner, Mearl" <jmdanner at samford.edu>
To: FreeRadius users mailing list
        <freeradius-users at lists.freeradius.org>
Subject: RE: LDAP + SASL Freeradius 3.0.11

> You'll probably need the FQDN of the user. I.E. cn=ldaplookup, ..........
Sorry I forgot to mention I did try it with the FQDN same error. Also I could not get the FQDN to work with ldapsearch I wonder if I need to use a different option to use fqdn with LDAPsearch.

> Also, with most AD implementations the Users container is CN= rather than OU=
In this case the person who setup AD moved all the users from the default users container to an OU called users.



Matt
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list