Multiple BaseDN's - How Do I Do This?
Rob VanDusen
rvanduse at oaisd.org
Fri May 9 14:03:43 CEST 2008
Yes Phil, that is the unfortunate configuration I have inherited with the job. This is a school district, they really want to keep each school building as it's own top-level O. I work in the ESB building, so that was the baseDN I used for testing. I'd rather not have to run 6 different radius boxes, but I can't seem to figure out how to make the multiple ldap modules work. I found a few how-to's on the web, but they are for the 1.x version and they don't seem to work with the 2.x version.
-Rob
>>> Phil Mayers <p.mayers at imperial.ac.uk> 5/9/2008 7:09 AM >>>
Rob VanDusen wrote:
> I'm very new to both Linux and FreeRadius, so please excuse me if
> this is too easy a question. After a couple weeks of fighting,
> reading, testing and reconfiguring - I finally managed to get
> FreeRadius 2.x working with my Novell eDirectory. Right now my eDir
> tree is made up of 6 "O's" - one for each building in the
> organization. It looks something like this:
>
> ISDTREE | CTC | ESB | MTC | SPS | OAC | JSC
Sorry, that's a bit confusing; are you saying you don't have a common
top-level O or OU
That is, is the current basedn:
o=esb
?
If so, you've got problems (and if I may say so, that's a rather unwise
configuration)
>
> My current config will check via LDAP against a NetWare box and
> authorize anyone in the ESB container - but I can't get it to look at
> any of the other containers. I tried doing multiple instances of the
> LDAP module - but that resulted in the server not authorizing anyone.
http://wiki.freeradius.org/index.php/FAQ#It_still_doesn.27t_work.21
> How would I set this up so I can add the other O's as Base DN's? I'd
> really appreciate any instructions that a slightly dim bulb could
> follow.
>
> -Rob
More information about the Freeradius-Users
mailing list