Ldap group troubles
Dourty, Brian R. (IATS)
DourtyB at missouri.edu
Tue Jun 5 21:50:43 CEST 2007
I'm having some trouble with the ldap group configuration against AD and
need a little help.
Freeradius 1.1.4
MS 2003 Active Directory
radiusd.conf
groupname_attribute = "cn"
groupmembership_filter = "(member=%{Ldap-UserDn})"
groupmembership_attribute = memberOf
users file
DEFAULT Ldap-Group == "CN= CSG
Group,OU=CSG,OU=ACE,OU=IATS,OU=MU,DC=col,DC=missouri,DC=edu", Auth-Type
:= LDAP
Using ldapsearch as follows I get a match.
ldapsearch -x -W -b"CN=Some GROUP,OU=" "(member= CN=Last\\\, First
\(Department\),CN=Users,DC=col,DC=missouri,DC=edu)"
The userDN actually looks like "CN=Last\, First
(Department),CN=Users,DC=col,DC=missouri,DC=edu" but we have escape the
\ and the () for bash.
Freeradius isn't getting the same results. It looks like it has to do
with the fact that the UserDN has a \, and (...) in it. Has anyone else
ran into this before?
Thanks,
Brian Dourty
System Administrator - Team Lead
Division of IT (formerly IAT Services)
University of Missouri - Columbia
573-882-1035
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070605/5fc25e17/attachment.html>
More information about the Freeradius-Users
mailing list