[awful patch] "Multiple levels of TLS nesting is invalid."
Alan DeKok
aland at deployingradius.com
Fri Oct 17 16:31:24 CEST 2008
Matt Bernstein wrote:
> By this point we've correctly walked from default -> dcs -> dcs-inner.
> But.. as dcs-inner invokes rlm_ldap, it's using the wrong ldap instance:
...
> rlm_ldap: Entering ldap_groupcmp()
> [dcs-inner-files] expand: dc=maths,dc=qmul,dc=ac,dc=uk ->
> dc=maths,dc=qmul,dc=ac,dc=uk
> [dcs-inner-files] expand: (uid=%{Stripped-User-Name}) -> (uid=mb)
Let me guess. You have "LDAP-Group" as a check item in the
"dcs-inner-files" "users" file.
You will need to use the LDAP *instance* name to direct the LDAP-Group
comparison to the correct version of the LDAP module. e.g.
"dcs-inner-ldap-LDAP-Group"
Alan DeKok.
More information about the Freeradius-Users
mailing list