Hi, I am curently trying to migrate my sever from freeradius 2 to 3 and am facing a number of problems. The first in in ldap module. In version 2, I did not define an identity nor a password and the binding to ldap server is made with the user name and password, effectively using ldap to authenticate the user. In ldap logs, with Freeradius 2, I have: Aug 31 16:19:41 ldap slapd[550]: conn=60636 fd=98 ACCEPT from IP=192.41.170.6:39806 (IP=192.41.170.6:636) Aug 31 16:19:41 ldap slapd[550]: conn=60636 fd=98 TLS established tls_ssf=256 ssf=256 Aug 31 16:19:41 ldap slapd[550]: conn=60636 op=0 BIND dn="uid=on,ou=People,ou=csim,dc=cs,dc=ait,dc=ac,dc=th" method=128 Aug 31 16:19:41 ldap slapd[550]: conn=60636 op=0 BIND dn="uid=on,ou=People,ou=csim,dc=cs,dc=ait,dc=ac,dc=th" mech=SIMPLE ssf=0 Aug 31 16:19:41 ldap slapd[550]: conn=60636 op=0 RESULT tag=97 err=0 text= Aug 31 16:19:41 ldap slapd[550]: conn=60636 op=1 UNBIND Aug 31 16:19:41 ldap slapd[550]: conn=60636 fd=98 closed showing that radius has properly bound to ldap using the username (dn="on"). With the version3, I see: Aug 31 16:30:32 ldap slapd[550]: conn=60904 fd=107 ACCEPT from IP=192.41.170.3:37996 (IP=192.41.170.6:636) Aug 31 16:30:32 ldap slapd[550]: conn=60904 fd=107 TLS established tls_ssf=256 ssf=256 Aug 31 16:30:32 ldap slapd[550]: conn=60904 op=0 BIND dn="" method=128 where an anonymous bind is attempted (dn=""). I am not sure what has change in this regard between version 2 and 3, but I really need to replicate the same mechanism as in version 2, that is bind with the user name instead of going with some administrator account that would search in the ldap directory. How can I acheive that? Thanks in advance, Olivier --