(no subject)

Dustin Doris freeradius at mail.doris.cc
Mon Jun 20 15:32:21 CEST 2005


On Fri, 17 Jun 2005, Graham, Robert wrote:

> Dustin,
>
> Thanks for the response.  I was kind of wondering if the location of the
> group in Active Directory was an issue.  But that brings up another
> question.  Doesn't a ldapsearch use the basedn as a starting point?  If
> instance, I have the basedn set as follows in radiusd.conf:
>
> basedn = "ou=mem users,dc=mem-ins,dc=com"
>
> And the structure of our AD is:
>
> MEM-INS.COM
>     |
>     |
>     |_MEM Users
>           |
>           |
>           |
>           |

Where are the groups at?  Are they under ou=mem users?  If so, you are
correct, you should be able to find it in your search.

>
>
> And why is it that it can find the user "rgraham" but not the group.
>

Either the ldap search query you have setup in radiusd.conf is incorrect,
or perhaps the user you are binding with doesn't have permissions to
search the groups?

Can you post an example, of what a group member would look like in AD?




More information about the Freeradius-Users mailing list