Freeradius Ldap

Cris Boisvert cris at
Fri Sep 23 21:59:58 CEST 2005

I'm setting up freeradius to talk to a Ipswitch Imail server for

Just needs to do the basic  User  Pass... Ok.

LDAP Server is  (this is all private testing) (the imail

Domain on the server is

A snippet of the config.
ldap {
                server = ""
                #identity = "cn=root,o=My Org,c=UA"
                #password = test1234                
                basedn = "o=My Org,c=UA"
                #filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
                # base_filter = "(objectclass=radiusprofile)"

                # set this to 'yes' to use TLS encrypted connections

I suspect that I'm having a problem with the Basedn.. On the imail server
the LDAP user and pass is 
Root and test1234

The actual mail account that I'm trying to autorize against is test at
pass test

Below is  a Cut form radiusd -X debug..

Anyone have any reccomendations>?

	modcall: group authorize returns ok for request 0
  rad_check_password:  Found Auth-Type LDAP
auth: type "LDAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: login attempt by "test at" with password "test"
radius_xlat:  '(uid=test at'
radius_xlat:  'o=My Org,c=UA'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to, authentication 0
rlm_ldap: bind as / to
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in o=My Org,c=UA, with filter
(uid=test at
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authenticate]: module "ldap" returns notfound for request 0
modcall: group Auth-Type returns notfound for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 37 to
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 37 with timestamp 43345c56
Nothing to do.  Sleeping until we see a request.

More information about the Freeradius-Users mailing list