Authenticate SuperMicro with LDAP

luckydog xf luckydogxf at gmail.com
Thu Mar 29 09:11:38 CEST 2018


Hi, All,

    I build a LDAP and FreeRadius(Version:3.0.13), and
change mods-available/ldap

    with
------------------------------------------
        update {
                # Radius Dictionary              LDAP
                control:Password-With-Header    += 'userPassword'
                control:NT-Password             := 'ntPassword'
                reply:Reply-Message             := 'radiusReplyMessage'
                reply:Attr-26                           :=
"DepartmentNumber"

-------------------------------------------

Here DepartmentNumber is an attribute of uid=test, cn=users, dc=xxx,dc=com
and its value is 0x483D342C20493D34(the hex-encoding of the "H=4, I=4"
string.)

this part is related to SuperMicro as it needs a speical packet listed here
https://www.supermicro.com/support/faqs/faq.cfm?faq=22374(This is verified
successfully).

The rest part of LDAP is fine. but  when I test, something comes up.
======================
(0) ldap: control:Password-With-Header +=
'{SSHA512}5Bz1gQ1mRfhuXY67ecj8XHzrnRzU/X8H0erumBdO1auZ1xTRjH22/Tz+pgC/SpS+x3x0HfVSjqt8AH0vrG5FNk33BWULZfy/'

(0) ldap: WARNING: Failed parsing value "0x483D342C20493D34" for attribute
Vendor-Specific: Must use 'Attr-26 = ...' instead of 'Vendor-Specific = ...'


================================

So I'm confused with it, what's wrong with my conf?

BTW, a similar problem is listed here
http://lists.freeradius.org/pipermail/freeradius-users/2017-November/089771.html


Thanks,

-hongquan


More information about the Freeradius-Users mailing list