Radius integration with LDAP (SASL)

Phil Mayers p.mayers at imperial.ac.uk
Tue Jan 17 13:05:48 CET 2012

On 17/01/12 11:55, vijay t wrote:
> My LDAP server uses SASL mechanism for authenticating uid/username
> against userPassword. How can I integrate this LDAp server with
> FreeRadius server and what all configuration need to be changed ???. On
> debug, my radius server shows following error. Kindly suggest

Read this:


And this:


Short version: if you need to use "LDAP BIND", you can only support PAP 

> [ldap] expand: %{User-Name} -> google
> [ldap] expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=google)
> [ldap] expand: ou=Users,dc=cdac,dc=in -> ou=Users,dc=cdac,dc=in
> [ldap] ldap_get_conn: Checking Id: 0
> [ldap] ldap_get_conn: Got Id: 0
> [ldap] performing search in ou=Users,dc=cdac,dc=in, with filter (uid=google)
> request done: ld 0x748c7d0 msgid 9
> [ldap] object not found
> [ldap] search failed

Your first problem is that the LDAP Search has failed. Fix your LDAP 
search filter, or ensure the user exists.

More information about the Freeradius-Users mailing list