Hi Phil, I need some help again. Is there a way in the ldap module we can specify to return only ONE result for search filter. In my ldap tree when search with a filter (&(uid=test1)(phone=1231313128)) I get multiple results. And in the log I get message as search failed. I just want to return whatever the first result. rlm_ldap: performing search in dc=eng,dc=com, with filter (&(uid=test1)(phone=1231313128)) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed Please help. Thanks and Regards, Eric. --- Eric Martell <workoutexcite@yahoo.com> wrote:
Thanks so much Phil. I am using freeradius-1.0.4
I am going to install the latest version and will try your suggestion.
Thanks and Regards. Eric.
--- Phil Mayers <p.mayers@imperial.ac.uk> wrote:
Eric Martell wrote:
Hi, Is it possible to altogether avoid authenticate section and just do ldap lookups in the authorize section?
authorize { ldap { notfound = reject } }
The problem is in the authenticate section, radius gets the userDN from the authorize and tries to "bind" ldap with password which we don't have.
I also tried in users file Ldap-UserDN := `cn=Manager,dc=eng,dc=com/answer2`
Assuming you are using a recent version of FreeRadius, you can do one of the following:
modules { ldap { ... set_auth_type = no } }
authorize { preprocess ldap pap }
authenticate { Auth-Type PAP { pap } }
____________________________________________________________________________________
Be a better pen pal. Text or chat with friends inside Yahoo! Mail. See how. http://overview.mail.yahoo.com/
____________________________________________________________________________________ Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping