Help connecting to remote ldap server
Raymond Norton
admin at lctn.org
Thu Jun 24 22:42:48 CEST 2010
I have been reading and looking at similar posts non-stop and have an
idea what is wrong, but am not sure how to fix it.
I understand there may be a need to map ldap and radius attributes and I
have found a couple examples, but I am not entirely sure what the
changes should be.
It seems the other problem may be the authentication being used, maybe
a combination of both. I would guess I'm about one or two config changes
from getting this to work.
The ldap user I am trying to authenticate was created via:
./migrate_group.pl and # ldapadd on the ldap server
Not sure if that helps identify the changes I need to make???
On 6/24/2010 3:21 PM, Josip Rodin wrote:
> On Thu, Jun 24, 2010 at 12:33:10PM -0400, John Dennis wrote:
>
>> But even if you did, ldap has this:
>>
>> userPassword:: e1NIQX13ak83dXhlS3FYR0NFVlhPTEVzVUo4OW9DWFE9
>>
>> They aren't the same are they? The LDAP entry looks like a hash, you'll
>> have to figure out which kind. Note it does not contain a {hash} prefix
>> so FreeRADIUS can't figure what kind of hash it is.
>>
> No, the two colons in ldapsearch output just indicate that the attribute
> value is MIME-encoded. It can be decoded for example with:
>
> % echo e1NIQX13ak83dXhlS3FYR0NFVlhPTEVzVUo4OW9DWFE9 | mimencode -u
> {SHA}wjO7uxeKqXGCEVXOLEsUJ89oCXQ=
> % echo e1NIQX13ak83dXhlS3FYR0NFVlhPTEVzVUo4OW9DWFE9 | perl -e 'use MIME::Base64; print decode_base64(<>);'
> {SHA}wjO7uxeKqXGCEVXOLEsUJ89oCXQ=
>
>
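
The decoding step discussed in the quoted replies, as an added example that is not part of the original thread: it reads one ldapsearch line, base64-decodes a `::` value, splits off the `{scheme}` prefix, and checks a candidate password against `{SHA}` or `{SSHA}` values. The function names and the constructed password and salt are assumptions made for illustration; the `userPassword` line is the one quoted above.

```python
import base64
import hashlib
import hmac
import re

# The attribute line quoted in the thread ("::" marks a base64-encoded value).
PAGE_LINE = "userPassword:: e1NIQX13ak83dXhlS3FYR0NFVlhPTEVzVUo4OW9DWFE9"

# Constructed sample (not from the thread): salted SHA-1 of a made-up password.
_SALT = b"salt"
CONSTRUCTED_SSHA = b"{SSHA}" + base64.b64encode(
    hashlib.sha1(b"example-pw" + _SALT).digest() + _SALT)

def parse_ldif_attr(line):
    """Return (name, value_bytes) for one LDIF 'attr: value' or 'attr:: b64' line."""
    name, _, rest = line.partition(":")
    if rest.startswith(":"):                     # double colon: value is base64
        return name, base64.b64decode(rest[1:].strip())
    return name, rest.strip().encode()

def split_scheme(value):
    """Split b'{SCHEME}body' into ('SCHEME', body); (None, value) if no prefix."""
    m = re.match(rb"\{([A-Za-z0-9-]+)\}(.*)", value, re.S)
    if not m:
        return None, value
    return m.group(1).decode().upper(), m.group(2)

def verify(password, value):
    """Check password (bytes) against a decoded {SHA} or {SSHA} userPassword value."""
    scheme, body = split_scheme(value)
    if scheme not in ("SHA", "SSHA"):
        raise ValueError("unsupported or missing scheme: %r" % scheme)
    raw = base64.b64decode(body)
    digest, salt = raw[:20], raw[20:]            # SHA-1 is 20 bytes; {SHA} has no salt
    if scheme == "SHA" and salt:
        raise ValueError("{SHA} value longer than a SHA-1 digest")
    return hmac.compare_digest(hashlib.sha1(password + salt).digest(), digest)

if __name__ == "__main__":
    name, value = parse_ldif_attr(PAGE_LINE)
    scheme, body = split_scheme(value)
    print(name, value.decode(), scheme, len(base64.b64decode(body)))
    print(verify(b"example-pw", CONSTRUCTED_SSHA), verify(b"wrong", CONSTRUCTED_SSHA))
```
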