ldap basedn assignment

Craig Huckabee huck at spawar.navy.mil
Thu Aug 4 14:58:25 CEST 2005


ggreen at olemiss.edu wrote:

>>How do you have this setup?  Check out
> 
> doc/configurable_failover.  That
> 
>>should show you how to do it.
>>
> 
> I'm using configurable failover to get it to roll as it is.
>>From my radiusd.conf file: 
>  

[ snip ]

> The above problem line should be:
> rlm_ldap: bind as uid=username, ou=People,
> dc=university,dc=edu,c=us/test123 to
> openldap.university.edu:1744 
> However, it is taking the userdn from the ad server which
> gave the first authorize ok. What I need is for it to
> attempt to authenticate with the appropriate userdn
> depending on which server it is authenticating to. So it
> would use the userdn from AD authenticating to the AD server
> and the openldap userdn when authenticating to the openldap
> server.

For what it is worth, we've seen the same problem here - we applied a 
local hack to rlm_ldap.c to work around the problem but it isn't a 
proper fix.


--Craig




More information about the Freeradius-Users mailing list