The LDAP server we have set up is used to authenticate users based on their username and password. If I were to query from the (Linux) command line using ldapsearch, the query would appear as follows: ldapsearch -x -h ldap.domain.com -b ou=ldap,o=domain.com -D uid=XXX,ou=it,o= domain.com -w 'YYY' Where XXX is a person's username and YYY is their password. That means a person can only query their own information and not anyone elses (unless, of course, they have someone else's username and password).
From what I can see, it doesn't appear as though the %{User-Name} variable can be used within the "identity" setting in freeRADIUS 1.0.1. If that's correct, does it mean freeRadius won't be able to be used for this particular set up? If I hardcode a test username and password in the configuration as follows:
server = "ldap.domain.com" identity = "uid=XXX,ou=it,o=domain.com" password = 'YYY' basedn = "ou=ldap,o=domain.com" it binds correctly. However, for our particular setup, both the username and password's used to bind to the server need to be variable at run time.