<br><br><div class="gmail_quote">2010/6/9 Alan DeKok <span dir="ltr"><<a href="mailto:aland@deployingradius.com">aland@deployingradius.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">Nelson Vale wrote:<br>
> Sorry, the problem occurs only with the " (double quotes) character and<br>
> not to the other two characters.<br>
<br>
</div> Try re-building from <a href="http://git.freeradius.org" target="_blank">git.freeradius.org</a>, branch v2.1.x. There's a fix<br>
which should help.<br>
<font color="#888888"><br></font></blockquote>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">The user's DN is OK now (no extra characters), but the ldap authentication still doesn't work. I think the problem is that double quotes must be escaped before sent to AD.</p>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;"></p>
<div>In my fix in rlm_ldap (test purpose only), I did just that before assigning the vp_user_dn->vp_strvalue value to user_dn in ldap_authenticate() and it works OK.</div><div><br></div><div><div>"...</div><div>+- entering group LDAP {...}</div>
<div>[ldap] login attempt by "xavez" with password "test123;"</div><div>[ldap] user DN: CN=Carlos "xpto". Chavez,OU=students,DC=domain,DC=local</div><div> [ldap] (re)connect to 192.168.0.73:389:389, authentication 1</div>
<div> [ldap] bind as CN=Carlos "xpto". Chavez,OU=students,DC=domain,DC=local/test123; to 192.168.0.73:389:389</div><div> [ldap] waiting for bind result ...</div><div> [ldap] Bind failed with invalid credentials</div>
<div>++[ldap] returns reject</div><div>Failed to authenticate the user.</div></div><div>..."</div><div> </div><div>Escaping the double quotes:</div><div><br></div><div>"...</div><div><div>[ldap] login attempt by "xavez" with password "test123;"</div>
<div>[ldap] user DN: CN=Carlos \"xpto\". Chavez,OU=students,DC=domain,DC=local</div><div> [ldap] (re)connect to 192.168.0.73:389:389, authentication 1</div><div> [ldap] bind as CN=Carlos \"xpto\". Chavez,OU=students,DC=domain,DC=local/test123; to 192.168.0.73:389:389</div>
<div> [ldap] waiting for bind result ...</div><div> [ldap] Bind was successful</div><div>[ldap] user xavez authenticated succesfully</div><div>++[ldap] returns ok</div></div><div>..."</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<font color="#888888">
Alan DeKok.<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</font></blockquote></div><br>