regarding RFC 2253 UTF-8 String Representation of Distinguished Names support

Alan DeKok aland at deployingradius.com
Mon Jan 21 15:00:57 CET 2008


Gopinath Reddy N wrote:
> Iam trying to send ldap search request to Active Directory using free
> radius 2.0

  Yes... you said that already.

> When I analyzed using ethereal I have observed the below information.

  Since you were asked to post the debugging output, I don't understand
why you would fail to do that.

> António is sent as
> 0x41, 0x6e,0x74, 0xf3, 0x6e, 0x69, 0x6F which is a simple ASCII to hex
> conversion.

  No, it's not.  0xf3 is *not* an ASCII character, and it is not a "hex"
character.  This is not a "simple ASCII to hex conversion".  The problem
is that the string you are giving FreeRADIUS in the User-Name is *not*
UTF-8.

  Since you told FreeRADIUS to use a string *other* than UTF-8, I'm
curious as to why you think FreeRADIUS should use UTF-8 to talk to
Active Directory.

  If you want FreeRADIUS to use UTF-8 to Active Directory, then send a
User-Name that is a UTF-8 string.

> So wanted to check whether free radius 2.0 version is doing the encoding
> in UTF-8 format.Or some configuration attribute Iam missing.

  FreeRADIUS does not translate one character encoding to another.  The
RFC's say that the User-Name SHOULD be a UTF-8 string.  I suggest giving
the server a UTF-8 string, and not a string in some other weird encoding.

  Alan DeKok.



More information about the Freeradius-Users mailing list