Freeradius Ldap
Linus van Geuns
vangeuns at atis.uka.de
Fri Sep 23 23:52:11 CEST 2005
Cris Boisvert wrote:
> I'm setting up freeradius to talk to a Ipswitch Imail server for
> authetication.
>
> Just needs to do the basic User Pass... Ok.
>
>
[..]
> A snippet of the config.
> -----------------------------------------------
> ldap {
> server = "192.168.77.6"
> #identity = "cn=root,o=My Org,c=UA"
> #password = test1234
> basedn = "o=My Org,c=UA"
> #filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
> # base_filter = "(objectclass=radiusprofile)"
>
> # set this to 'yes' to use TLS encrypted connections
> ______________----------------------------------------------
>
[..]
> Below is a Cut form radiusd -X debug..
>
> Anyone have any reccomendations>?
>
>
>
> modcall: group authorize returns ok for request 0
> rad_check_password: Found Auth-Type LDAP
> auth: type "LDAP"
> Processing the authenticate section of radiusd.conf
> modcall: entering group Auth-Type for request 0
> rlm_ldap: - authenticate
> rlm_ldap: login attempt by "test at pork.com" with password "test"
> radius_xlat: '(uid=test at pork.com)'
> radius_xlat: 'o=My Org,c=UA'
Do you really have an object with attribute iud="test at pork.com"?
I think you should split the username with delimiter '@', so you search
for uid=test,dc=pork,dc=com (or similiar).
But if you have such objects, try ldap_debug=0xffff between ldap { } in
your radiusd.conf.
Linus van Geuns.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20050923/a5f071d6/attachment.pgp>
More information about the Freeradius-Users
mailing list