Freeradius-Users Digest, Vol 63, Issue 86
Wayne Van der Merwe
vdmerww at gmail.com
Fri Jul 23 14:04:22 CEST 2010
>
> Wayne Van der Merwe wrote:
> > I have FreeRADIUS 2.1.1 setup on SUS server 10.1
> >
> > We are wanting to do a LDAP connection to Novell edirectory server for
> > our users.
> >
> > From the debug out put the LDAP session binded corectly
> > The searched part failed.
> >
> > I would like to know did the radius server send out the loging name as
> > uid=53986067? as indicated below.
> > rlm_ldap: performing search in
> > ou=USERS,ou=ELS-FRERE,ou=AMATOLA,ou=HLT,o=EC, with filter (uid=53986067)
>
> Because:
>
> 1) the Access-Request contains "53986067" as the User-Name
> 2) the ldap module is configured to use "uid=%{User-Name}"
>
> This is all shown in the debug output.
>
> > When i do a ldapsearch -h 10.219.176.30 -b
> > ou=USERS,ou=ELS-FRERE,ou=AMATOLA,ou=HLT,o=EC -x "uid=53986067"
> > I get no results.
> >
> > If i use -x "cn=53986067" the user is found.
>
> So... edit the ldap module configuration to use "cn=%{User-Name}"
> instead of "uid". There's a reason the configuration files are text:
> they can be edited.
>
> Alan DeKok.
>
>
>
> ------------------------------
>
> Noted
After the change i have this problem in the debug output
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=USERS,ou=ELS-FRERE,ou=AMATOLA,ou=HLT,o=EC,
with filter (cn=53986067)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP. Are you sure that the
user is configured correctly?
[ldap] user 53986067 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
The "[ldap] No default NMAS login sequence how do i sort this out?"
and
"WARNING: No "known good" password was found in LDAP. Are you sure that the
user is configured correctly?"
is to do with a clear text password that radius needs to read from the LDAP
server as per other posts. how or where do i sort this out.
Is this also related to the NMAS login sequence?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100723/8936b786/attachment.html>
More information about the Freeradius-Users
mailing list