The LDAP server we have set up is used to authenticate users based on
their username and password. If I were to query from the (Linux)
command line using ldapsearch, the query would appear as follows:<br>
<br>
ldapsearch -x -h <a href="http://ldap.domain.com">ldap.domain.com</a> -b ou=ldap,o=<a href="http://domain.com">domain.com</a> -D uid=XXX,ou=it,o=<a href="http://domain.com">domain.com</a> -w 'YYY'<br>
<br>
Where XXX is a person's username and YYY is their password. That
means a person can only query their own information and not anyone
elses (unless, of course, they have someone else's username and
password).<br>
<br>
>From what I can see, it doesn't appear as though the %{User-Name}
variable can be used within the "identity" setting in freeRADIUS
1.0.1. If that's correct, does it mean freeRadius won't be able
to be used for this particular set up? If I hardcode a test
username and password in the configuration as follows:<br>
<br>
server = "<a href="http://ldap.domain.com">ldap.domain.com</a>"<br>
identity = "uid=XXX,ou=it,o=<a href="http://domain.com">domain.com</a>"<br>
password = 'YYY'<br>
basedn = "ou=ldap,o=<a href="http://domain.com">domain.com</a>"<br>
<br>
it binds correctly. However, for our particular setup, both the
username and password's used to bind to the server need to be variable
at run time.<br>