Freeradius with LDAP on embedded

petr at baranov.fi petr at baranov.fi
Tue Nov 19 11:02:16 CET 2013


Hello,

I am configuring freeradius to use openldap-backend for authentication. My setup runs on an embedded system built with Yoctoproject. To test my setup I run radtest from ubuntu image. From the debuggin messages of the FR I can see that LDAP back-end is in use but it always complains about invalid credentials:

...
Found Auth-Type = LDAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group LDAP {...}
[ldap] login attempt by "john" with password "?=K?)J��???Q$?��"
[ldap] user DN: uid=john,ou=People,dc=my-domain,dc=com
  [ldap] (re)connect to 192.168.122.158:389, authentication 1
  [ldap] bind as uid=john,ou=People,dc=my-domain,dc=com/?=K?)J��???Q$?�� to 192.168.122.158:389
  [ldap] waiting for bind result ...
  [ldap] Bind failed with invalid credentials
++[ldap] returns reject
...

(Notice, password looks wierd!)

I belive that my configurations are correct, because when I setup FR on ubuntu to use LDAP from my embedded image, authentication passes successfully. The password is visible in clear text 

The FR in ubuntu and in my embedded image are compiled with --enable-developer flag.

Can there be some limitation in my embedded environment that causes such behaviour? For example, busybox?

Kind Regards,
Petr 


More information about the Freeradius-Users mailing list