users file auth failing

Pat Riehecky prieheck at iwu.edu
Tue Oct 28 14:25:20 CET 2008


On Mon, 2008-10-27 at 18:41 -0600, Anthony Chavez wrote:
> Module: Instantiating ldap
>   ldap {
>         server = "directory.somedomain"
>         port = 389
>         password = "secret"
>         identity = "cn=Manager,dc=somedomain"

I don't know how much of this was from clean up, but if possible you
really really shouldn't use cn=Manager,dc=somedomain for this.  It is
generally considered a no go to let anything use the directory manager.
At our site I created a dedicated radiusd user who has exactly and only
the rights needed by radius.  I don't know if that is an option at your
site, but if it is I strongly suggest it.

Pat
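
An added example, not part of the original post or of FreeRADIUS: a small check that reads `ldap { ... }` module blocks like the one quoted above and reports any bind `identity` that is a directory superuser account. The `cn=radiusd,ou=services` DN and the list of superuser names are assumptions made for illustration.

```python
import re

# Constructed sample: the ldap block quoted in the post, and the same block
# with a hypothetical dedicated service account as the bind identity.
QUOTED = '''
ldap {
        server = "directory.somedomain"
        port = 389
        password = "secret"
        identity = "cn=Manager,dc=somedomain"
}
'''
DEDICATED = QUOTED.replace("cn=Manager,", "cn=radiusd,ou=services,")

# Assumption: conventional leading RDNs of directory superuser accounts.
PRIVILEGED_RDNS = {"cn=manager", "cn=directory manager", "cn=admin",
                   "cn=root", "cn=administrator"}


def ldap_blocks(conf):
    """Yield the top-level settings of each `ldap [name] { ... }` block."""
    depth, current = 0, None
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()  # simplification: '#' starts a comment
        if depth == 0:
            if re.fullmatch(r"ldap(\s+\S+)?\s*\{", line):
                depth, current = 1, {}
        elif line.endswith("{"):
            depth += 1                        # nested subsection, skipped
        elif line == "}":
            depth -= 1
            if depth == 0:
                yield current
        elif depth == 1:
            m = re.fullmatch(r'([\w.-]+)\s*=\s*"?(.*?)"?', line)
            if m:
                current[m.group(1)] = m.group(2)


def privileged_binds(conf):
    """Return every `identity` DN whose leading RDN is a superuser name."""
    hits = []
    for block in ldap_blocks(conf):
        dn = block.get("identity", "")
        rdn = re.sub(r"\s*=\s*", "=", dn.split(",", 1)[0].strip().lower())
        if rdn in PRIVILEGED_RDNS:
            hits.append(dn)
    return hits


print(privileged_binds(QUOTED), privileged_binds(DEDICATED))
```

A name match only catches the obvious case; whether a dedicated account really has "exactly and only the rights needed" has to be confirmed against the directory's own access controls.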



