FreeRadius - LDAP

Fajar A. Nugraha list at
Wed Jul 20 10:18:39 CEST 2011

On Wed, Jul 20, 2011 at 3:07 PM, m4xmr <m.tommasi at> wrote:
> Hello,
> I'm trying to make working LDAP as authentication backend for RADIUS.
> I verified that the data are right and the query to LDAP is properly working
> if I use ldapsearch.

does LDAP BIND work correctly using ldapsearch (i.e. ldapsearch -D)

> rad_recv: Access-Request packet from host, id=78, length=60
>        User-Name = "ldapuser"
>        User-Password = "121212"

> rlm_ldap: Setting Auth-Type = ldap

Hmmm ... that's odd. I thought rlm_ldap was supposed to just grab
attributes (e.g. Cleartext-Password) and not set the Auth-Type? Are
you doing anything special like forcing Auth-Type := LDAP?

> rlm_ldap: user ldapuser authorized to use remote access

this line says there's a user called ldapuser

> rlm_ldap: - authenticate
> rlm_ldap: login attempt by "ldapuser" with password "121212"
> rlm_ldap: user DN: uid=ldapuser,ou=People,dc=example,dc=com
> rlm_ldap: (re)connect to localhost:389, authentication 1
> rlm_ldap: bind as uid=ldapuser,ou=People,dc=example,dc=com/121212 to
> localhost:389
> rlm_ldap: waiting for bind result ...
> rlm_ldap: Bind failed with invalid credentials

... while this one says the bind failed. Is the password correct?


More information about the Freeradius-Users mailing list