LDAP/AD and multiple OU's

Justin Steward althalus87 at gmail.com
Tue Sep 15 15:13:25 CEST 2009

On Tue, Sep 15, 2009 at 11:00 PM, Danner, Mearl <jmdanner at samford.edu> wrote:
> The default LDAP search in freeradius is sub (search all subcontainers from supplied root DN).
Many thanks.

> As to using UID:
> You'll need to search sAMAccountName in AD to insure that the name is unique.
> I don't believe that uid has guaranteed uniqueness. Evidently your implementation does not have unique uids.
> http://msdn.microsoft.com/en-us/library/ms680508%28VS.85%29.aspx
> Note that it's not single-valued. Whereas:
> http://msdn.microsoft.com/en-us/library/ms679635%28VS.85%29.aspx sAMAccountName is. Also it's indexed. Search's will be faster.

Ah, great. Thank you. Will test that out tomorrow.



More information about the Freeradius-Users mailing list