I would like to ldap bind with username instead of DN
Coy Hile
coy.hile at coyhile.com
Fri Jun 19 16:51:02 CEST 2020
> On Jun 19, 2020, at 9:55 AM, Wessel Louwris <wessel at stutit.nl> wrote:
>
>
>
>> On 19 Jun 2020, at 15:36, Adam Bishop <Adam.Bishop at jisc.ac.uk> wrote:
>>
>> On 19 Jun 2020, at 13:11, Wessel Louwris <wessel at stutit.nl> wrote:
>>> DEFAULT Ldap-UserDN := "%{User-Name}"
>>
>> Do Google permit that format?
>>
>> i.e. if you run ldapsearch from the cli with `-D "username"` does it work?
>>
>> Adam Bishop
>
>
> Thanks for your reply! Yes, if I run
>
> LDAPTLS_CERT=ldap-client.crt LDAPTLS_KEY=ldap-client.key ldapsearch -W -D user@company.nl -H ldaps://ldap.google.com -b dc=example,dc=com '(mail=user@company.nl)'
>
> on the container where my freeradius is running I can login with the password from user@company.nl and get results.
>
> That’s why I hope I can convince freeradius to use that username for binding also.
>
> Kind regards,
>
> Wessel
>
That makes me think you probably just need to configure the LDAP module to turn what you give it into a DN similarly to how one might customize the queries used by the SQL module.
I haven’t used the LDAP module myself, so I can’t really help you there.
--
Coy Hile
coy.hile at coyhile.com
More information about the Freeradius-Users mailing list