<div dir="ltr"><div>now at the PC, i can write better:<br></div><div><br></div><div>1st: shout i uncoment this 2 lines on /modules/ldap</div><div># identity = "cn=admin,dc=xxxxx,dc=edu,dc=br"<br># password = "123abc"<br>
</div><div>?</div><div><br></div><div>i tryed both configs with ou=People or without and dont work.<br></div><div><br></div><div><br></div><div>uncomenting the 2 lines i get this on freeradius -X:</div><div><br></div><div>
[ldap] performing user authorization for user1<br>[ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details<br>[ldap] ... expanding second conditional<br>[ldap] expand: %{User-Name} -> user1<br>
[ldap] expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=user1)<br>[ldap] expand: ou=People,dc=xxxx,dc=edu,dc=br -> ou=People,dc=xxxxxx,dc=edu,dc=br<br> [ldap] ldap_get_conn: Checking Id: 0<br> [ldap] ldap_get_conn: Got Id: 0<br>
[ldap] attempting LDAP reconnection<br> [ldap] (re)connect to <a href="http://200.131.96.47:389">200.131.96.47:389</a>, authentication 0<br> [ldap] bind as cn=admin,dc=xxxxxx,dc=edu,dc=br/123abc to <a href="http://200.131.96.47:389">200.131.96.47:389</a><br>
[ldap] waiting for bind result ...<br> [ldap] Bind was successful<br> [ldap] performing search in ou=People,dc=xxxxx,dc=edu,dc=br, with filter (uid=user1)<br>[ldap] checking if remote access for user1 is allowed by uid<br>
[ldap] No default NMAS login sequence<br>[ldap] looking for check items in directory...<br> [ldap] userPassword -> Password-With-Header == "{MD5}ICy5YqxZB1uWSwcVLSNLcA=="<br>[ldap] looking for reply items in directory...<br>
[ldap] Setting Auth-Type = LDAP<br>[ldap] user user1 authorized to use remote access<br></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">2013/3/13 Arran Cudbard-Bell <span dir="ltr"><<a href="mailto:a.cudbardb@freeradius.org" target="_blank">a.cudbardb@freeradius.org</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im"><br>
On 13 Mar 2013, at 20:00, Fernando Barreto <<a href="mailto:fernando.sg1@gmail.com">fernando.sg1@gmail.com</a>> wrote:<br>
<br>
> hey, thanks for the quickly repply<br>
<br>
</div><div class="im">> [ldap] expand: dc=xxxx,dc=edu,dc=br -> dc=xxxxx,dc=edu,dc=br<br>
<br>
</div>Bbecause you changed the search DN?<br>
<br>
In the original request it was:<br>
<div class="im"><br>
> [ldap] expand: ou=People,dc=xxxxx,dc=edu,dc=br -> ou=People,dc=xxxxxxx,dc=edu,dc=br<br>
<br>
</div>Now its:<br>
<div class="im"><br>
> [ldap] expand: dc=xxxx,dc=edu,dc=br -> dc=xxxxx,dc=edu,dc=br<br>
<br>
</div>The and the scope is probably set incorrectly.<br>
<br>
and no, you don't need to duplicate the ldap config in radiusd.conf.<br>
<div class="HOEnZb"><div class="h5"><br>
-Arran<br>
<br>
<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</div></div></blockquote></div><br></div>