Authentication against multiple LDAP sources.

Alan DeKok aland at deployingradius.com
Fri Jan 6 16:31:59 CET 2012


Stuart Lawson wrote:
> Looking for a bit of advice, I am starting to think I am chasing the
> impossible and will have to start to use Realms or proxies to resolve
> this issue.
> 
> FreeRADIUS 2.1.7

  2.1.12 is out.

> However (output below) it attempts to do the authentication against
> both LDAP sources using the first suffix from the authorisation or
> carried over from the first Authentication attempt (I don't know
> which).

  Yes... the User-DN is set from the query done during "authorize".

  The short answer is "don't have duplicate user names".

  The server is intended to work with unique user names.  It's possible
to configure it with duplicate user names, but it's more complicated.

  You'll need to update your configuration.  Maybe set the LDAP-User-DN
manually during authentication.

  Alan DeKok.



More information about the Freeradius-Users mailing list