FR 3.0 with eDir

Olivier Beytrison olivier at heliosnet.org
Tue Dec 17 15:38:23 CET 2013


On 17.12.2013 13:38, Hubert Kupper wrote:
> Am 17.12.2013 12:22, schrieb Arran Cudbard-Bell:
> rlm_ldap (ldap): Reserved connection (0)
> (1) ldap :      expand: "(cn=%{%{Stripped-User-Name}:-%{User-Name}})" ->
> '(cn=foo)'
> (1) ldap :      expand: "o=org" -> 'o=org'
> (1) ldap : Performing search in 'o=org' with filter '(cn=foo)'
> (1) ldap : Waiting for search result...
> (1) ldap : User object found at DN "cn=foo,ou=test,o=org"
> (1) ERROR: ldap : Failed to retrieve eDirectory password: (80) Other
> (e.g., implementation specific) error
> rlm_ldap (ldap): Released connection (0)
> rlm_ldap (ldap): Opening additional connection (1)
> rlm_ldap (ldap): Connecting to 192.168.1.35:389

389 ???? you're not using ldaps ? IIRC Novell doesn't allow the NMAS
Password retrieval over a non secure channel

Try using a ldaps connection !
At the same time those request are logged in eDirectory, you can check
with NDSTrace what's going on !

Olivier
-- 

 Olivier Beytrison
 Network & Security Engineer, HES-SO Fribourg
 Mail: olivier at heliosnet.org


More information about the Freeradius-Users mailing list