Bind to ldap with the current auticated user
Alan DeKok
aland at deployingradius.com
Sun Nov 23 13:47:08 CET 2008
Ram Akuka wrote:
> Hi,
> i am trying to bind to LDAP server with my the current auth user ..
You don't need to change anything to do that. Just make sure LDAP is
being used for authentication, and it will automatically bind as user".
If you want to do "bind as user" to get authorization parameters, this
is wrong.
> so i added the following to the ldap module:
>
> identity = "uid=%{Stripped-User-Name:-%{User-Name}},ou=people,o=XXX,o=XXX"
> password = "%{%{User-Password}:-%{Chap-Password}}"
This is *totally* broken. For one reason, the CHAP authentication
method is *not* a password you can use to bind to ldap.
> can some one help me here and tell me what i am doing wrong here????
Leave the "identity" and "password" fields in the LDAP configuration
as the value for a read-only administrative user.
Alan DeKok.
More information about the Freeradius-Users
mailing list