demouser is getting deleted after this anyhow. demouser, Users, myhost.com dn: uid=demouser,ou=Users,dc=myhost,dc=com userPassword:: e0NSWVBUfSQ2JGNiZWE2ZDc5MzJkZmE3NmIkWWdPUlpINlh0RFhtRkVEcmNCblg zQW82SkR4QUN5LkJSTVROWjhEa0YwaWRnM2NNMkQzZ1BFSFJmQTA1ZjhkUXgxNG8vNEZpNTc1eFhK LjJ5RGtEQS8=
On Jan 27, 2016, at 2:08 PM, Arran Cudbard-Bell <a.cudbardb@freeradius.org> wrote:
On Jan 27, 2016, at 4:36 PM, Will W. <will@damagesinc.net> wrote:
Question With Start_TLS yes this is enabling the Freeradius to connect to the LDAP server over a TLS tunnel correct?
Yes, the connection starts off as plaintext, then the ldap client requests to establish a TLS tunnel.
Map looks OK. You need to run ldapsearch with this invocation to see if the userPassword is being returned:
ldapsearch -H ldap://ldap.myhost.com:389 —ZZ x -b "ou=Users,dc=myhost,dc=com" -D "uid=demouser,ou=Users,dc=myhost,dc=com" -w testing123 "(objectClass=posixGroup)" userPassword
-Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html