LDAP changes between 1.01 and 1.1.5

Ryan Kramer rkramer at gmail.com
Thu Apr 12 22:48:47 CEST 2007

>   No.  It's part of the LDAP query.
>   In order to avoid external users logging in with names that are valid
> LDAP queries, the untrusted user input is escaped before it is passed to
> the LDAP module.

Apparently something in the ldap_escape_func is broken when talking to
Microsoft AD.  I replaced the code of that function with the much more
lenient code of the 1.0.1 ldap_escape_func, and it works great with MS LDAP
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070412/d26c50a8/attachment.html>

More information about the Freeradius-Users mailing list