rlm_ldap: login attempt by "mike" with password "mike123" radius_xlat: '(SamAccountName=mike)' radius_xlat: 'CN=Person,DC=chikka,DC=ph' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to 192.168.1.1:389, authentication 0 rlm_ldap: bind as / to 192.168.1.1:389 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: performing search in CN=Person,DC=chikka,DC=ph, with filter (SamAccountName=mike)
-----
LDAPSEARCH RESULT
[root@repository ~]# ldapsearch -LLL -h 192.168.1.1 -x -b 'dc=domain,dc=com' '(samaccountname=mike)' -D mike -w mike123 dn: CN=mike,CN=Users,DC=domain,DC=com
There are two major differences in what you have freeradius configured to do and what your commandline search shows. Is this intended?? Freeradius -bind anonymously -search in CN=Person,DC=chikka,DC=ph Commandline -bind as mike -search in dc=domain,dc=com Unless I missed something and I'm just not getting it, I would give freeradius an identity and password of a user that has read access to the part of the directory your users are in. Then I would change the basedn in freeradius to actually match the basedn of your directory.