Can you send the results of your success login using ldapsearch? Alhagie Puye - Network Engineer Datawave Group of Companies (604)295-1817
-----Original Message----- From: freeradius-users-bounces+apuye=datawave.com@lists.freeradius. org [mailto:freeradius-users-bounces+apuye=datawave.com@lists.fre eradius.org] On Behalf Of Dickson, John Sent: January 4, 2006 2:20 PM To: FreeRadius users mailing list Subject: RE: wireless - freeradius - MS ldap
Sorry, it was a failed attempt at not sending the REAL data. I have verified that the ldapsearch credentials are the credentials used in the radiusd.conf. The user has been verified.
I did have to add the details after the @ sign (using ldap search). Applying the same details in the radiusd.conf file and I still do not pass auth to the Windowz ldap. My thoughts are that it has something to do with "realm" section.
John
Using the credentials under the ldap settings for the radiusd.conf and cli with ldapsearch, ldapsearch produces results
-----Original Message----- From: freeradius-users-bounces+jdickson2=mccneb.edu@lists.freeradius.org [mailto:freeradius-users-bounces+jdickson2=mccneb.edu@lists.f reeradius.o rg] On Behalf Of Alan DeKok Sent: Wednesday, January 04, 2006 3:36 PM To: FreeRadius users mailing list Subject: Re: wireless - freeradius - MS ldap
"Dickson, John" <JDickson2@mccneb.edu> wrote:
Here is my ldap section:
ldap { server = "10.1.1.29" identity = dmadmin1 password = rDkf@my ...
This seeems to work:
[john@magellan ~]$ ldapsearch -LLL -h name.serverdm.domain.edu -x -b 'ou=Users,dc=name,dc=serverdm,dc=domain,dc=edu' -D any-user@serverdm.domain.edu -w Passw0rd
Hmm... did you use the same user/password information as the ldap config to do the ldapsearch?
Nope.
Are you surprised that the results are different from what FreeRADIUS sees? If so, why?
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This message (including any attachments) is confidential, may be privileged and is only intended for the person to whom it is addressed. If you have received it by mistake please notify the sender by return e-mail and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited. E-mail communications are inherently vulnerable to interception by unauthorized parties and are susceptible to change. We will use alternate communication means upon request.