Hi guys,

A couple of quick questions just to make sure I don't end up chasing my own tail.

Need to authenticate by doing a basic bind against an AD server. All users are contained in seperate OU's below a primary OU.

The relevant LDAP lines from radiusd -X are (with identifiable information removed):
rlm_ldap: bind as Cn=lookupuser,OU=Primary, ou=....../password123 to .....:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=Primary,ou=....., with filter (uid=username)
rlm_ldap: object not found or got ambiguous search result

Now, I know the user is actually contained in ou=2015,ou=Primary,ou=..... and there are others contained in 2016,2017,2018, etc.

1) Does freeRadius automatically search each of these sub containers, or do I have to tell it to some how?
2) Does AD even store usernames in UID? (loln00b question. But i have no experienec with AD, so far I haven't had an AD box to play with, and this one is more or less out of my control, I can only talk to it over LDAP.)

Many Thanks,
Justin