Radius integration with LDAP (SASL)
Phil Mayers
p.mayers at imperial.ac.uk
Tue Jan 17 13:05:48 CET 2012
On 17/01/12 11:55, vijay t wrote:
> My LDAP server uses SASL mechanism for authenticating uid/username
> against userPassword. How can I integrate this LDAp server with
> FreeRadius server and what all configuration need to be changed ???. On
> debug, my radius server shows following error. Kindly suggest
Read this:
http://deployingradius.com/documents/protocols/compatibility.html
And this:
http://deployingradius.com/documents/protocols/oracles.html
Short version: if you need to use "LDAP BIND", you can only support PAP
authentication.
> [ldap] expand: %{User-Name} -> google
> [ldap] expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=google)
> [ldap] expand: ou=Users,dc=cdac,dc=in -> ou=Users,dc=cdac,dc=in
> [ldap] ldap_get_conn: Checking Id: 0
> [ldap] ldap_get_conn: Got Id: 0
> [ldap] performing search in ou=Users,dc=cdac,dc=in, with filter (uid=google)
> request done: ld 0x748c7d0 msgid 9
> [ldap] object not found
> [ldap] search failed
Your first problem is that the LDAP Search has failed. Fix your LDAP
search filter, or ensure the user exists.
More information about the Freeradius-Users
mailing list