ldap double bind (rebind) problem

Joerg Spatschil joerg.spatschil at oenb.at
Wed Jul 1 15:37:31 CEST 2009


Thanks a lot- works perfectly
Jörg

Alan DeKok wrote:
> Joerg Spatschil wrote:
>> I run FreeRADIUS Version 2.0.5, for host i686-pc-linux-gnu and testing
>> FreeRADIUS Version 2.1.3 both on gentoo systems, I want to peap
>> authenticate, authorize and set VLANs on a Cisco Cat 4500 according to a
>> ldap Attribute.
> ...
>> Adding the machine and user to users file
>> DEFAULT Auth-Type := EAP, User-Password == ""
> 
>   Don't do this.
> 
>   (1) Setting Auth-Type is unnecessary and wrong.  Delete it.
> 
>   (2) Setting User-Password == "" is unnecessary and wrong. Delete it.
> 
>> user at domain    Auth-Type := EAP, User-Password == ""
> 
>   The same comments apply here.
> 
>> Major problem in the debug:
>> new result:  res_errno: 1, res_error: <000004DC: LdapErr: DSID-0C0906DD,
>> comment: In order to perform this operation a successful bind must be
>> completed on the connection., data 0, v1772>, res_matched: <>
>> read1msg: ld 0x81c1068 0 new referrals
> 
>   You will need to install version 2.1.6, and configure
> "chase_referrals" and "rebind" in the ldap module.  See
> raddb/modules/ldap for more details.
> 
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list