LDAP authentication problem
John Dennis
jdennis at redhat.com
Thu Jul 29 19:35:54 CEST 2010

On 07/29/2010 01:08 PM, Sallee, Stephen (Jake) wrote:
> I have correctly configured the LDAP module (I think...) but when I try
> to authenticate a user I get an error saying the user cannot be found.
> I have attached the debug output. I have tried turning the "follow
> referrals" and "rebind" vars on and off but I get the same outcome. At
> first, I was getting a timeout error but I increased the timeouts and
> fixed that.
>
> I know the user is correct. Here is the LDAP string for the user:
>
> LDAP://CN=dspam,OU=InformationTechnology,OU=UsersByDepartment,OU=Administrative,DC=umhb,DC=edu
>
> Any ideas?

Yes, it's the same one always posted on this list for this question.

Use the ldapsearch command line program and perform the exact same
search as appears in your debug output. It is critical that when you use
ldapsearch, you bind *exactly* the same way the bind is configured in
rlm_ldap so the search executes with the same ACLs.

Keep iterating using ldapsearch until you get the expected results, then
adjust your rlm_ldap config to match.

--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
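
Added example, not part of the original message or of FreeRADIUS: a small shell helper that turns an rlm_ldap block into the equivalent ldapsearch command, so the test search uses the module's own bind identity, base and filter. The config block, host name and DNs are constructed placeholders; it assumes a plain `ldap://` connection and a filter that uses `%{User-Name}`.

```shell
#!/bin/sh
# Constructed rlm_ldap block; every value is a placeholder, not from the thread.
SAMPLE_CONF='ldap {
    server = "ldap.example.org"
    identity = "cn=radius,dc=example,dc=org"
    password = "placeholder"
    basedn = "dc=example,dc=org"
    filter = "(sAMAccountName=%{User-Name})"
}'

# conf_get KEY: read an rlm_ldap block on stdin, print KEY's quoted value.
conf_get() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\"\(.*\)\"[[:space:]]*\$/\1/p" | head -n 1
}

# build_ldapsearch CONF USER: print the ldapsearch command that binds and
# searches with the module's settings for USER.
build_ldapsearch() {
    conf=$1
    user=$2
    # Accept only plain account names so the filter needs no escaping.
    case $user in
        ''|*[!A-Za-z0-9._-]*) echo "unsupported user name" >&2; return 1 ;;
    esac
    server=$(printf '%s\n' "$conf" | conf_get server)
    identity=$(printf '%s\n' "$conf" | conf_get identity)
    basedn=$(printf '%s\n' "$conf" | conf_get basedn)
    filter=$(printf '%s\n' "$conf" | conf_get filter | sed "s/%{User-Name}/$user/g")
    # -x simple bind, -D the module's identity, -W prompts for its password
    # (keeps it out of shell history), -b the module's basedn, -s sub for a
    # subtree search.
    printf "ldapsearch -x -H 'ldap://%s' -D '%s' -W -b '%s' -s sub '%s'\n" \
        "$server" "$identity" "$basedn" "$filter"
}

build_ldapsearch "$SAMPLE_CONF" dspam
```

If the printed command returns no entry while a search bound as an administrator does, the difference is in what the module's bind identity is allowed to see, not in the filter.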