Active Directory anonymous rebinding when following references
Alan DeKok
aland at deployingradius.com
Wed Apr 30 11:43:16 CEST 2008
Hughes, Scott GRE/MG wrote:
> Numerous posts about Active Directory OU searching and FreeRadius can be found easily via Google, but none seem to have the definitive answer/workaround for the "Windows 2003 rebind failure when searching the root of the active directory"
>
> On the latest freeradius-2.0.3 compiled from source, I get the the rlm_ldap errors below whenever I use the
> basedn = "dc=my,dc=domainname,dc=com"
> rlm_ldap: ldap_search() failed: Operations error
...
> All seem to point back to bug 183, which has been open for a long time:
> http://bugs.freeradius.org/show_bug.cgi?id=183
>
> Is this bug still considered valid? What further needs to be done to get the patch or a similar fix integrated into the main code tree, especially the 2.0 release? I see the patch there, and have applied it to my old freeradius-1.0.1 installation, but stability issues prompted me to investigate an upgrade, and I am not entirely sure that the patch didn't *cause* my stability problems to begin with (the comment by Alan DeKok in the bugzilla entry sounds a little ominous).
See also doc/rlm_ldap, which discusses the "operations error" problem.
That might help...
Alan DeKok.
More information about the Freeradius-Users
mailing list