Problems freeradius and samba4
ricardobarbosams
spiderslack at yahoo.com.br
Fri Jun 14 05:07:01 CEST 2013
Hi,
but not any other settins, only file ldap.
ldap {
server = "192.168.0.4"
identity = "CN=freeradius,OU=noc,OU=batlab,DC=batlab,DC=corp"
password = XXXXX
basedn = "dc=batlab,dc=corp"
filter = "(&(objectClass=user)(sAMAccountName=%{User-Name}))"
base_filter = "(objectClass=user)"
ldap_connections_number = 5
timeout = 4
timelimit = 3
net_timeout = 1
tls {
start_tls = no
}
dictionary_mapping = ${confdir}/ldap.attrmap
edir_account_policy_check = no
}
What other file setting user for directory?
Regards.
Em 06/13/13 03:37, Iliya Peregoudov escreveu:
> On 12.06.2013 4:19, ricardobarbosams wrote:
>>
>> No my filter is
>>
>> filter = "(&(objectClass=user)(sAMAccountName=%{User-Name}))"
>
> I do not talk about filter, I do talk about binding to the directory.
> Your ldapsearch binds to the directory using one user and your radiusd
> binds to directory as another user. These users can have different
> authorization levels in the directory server. Directory may allow to
> retrieve objects to user2 at batlab.corp user but disallow it to
> CN=freeradius,OU=noc,OU=batlab,DC=batlab,DC=corp user.
>
> Configure radiusd to use the user2 at batlab.corp user to bind to the
> directory and you'll get same results as with ldapsearch.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list