LDAP Module : basedn empty -> error

Dominique Fournier dominique.fournier at grenoble.cnrs.fr
Fri Nov 29 16:39:54 CET 2013


I am trying to connect my Freeradius to a multidomain Zimbra LDAP server.
In Zimbra, the LDAP tree is something like:

I have some domains in ".fr" and some others in ".org".

If I configure with the basedn = "dc=fr", Freeradius works well for all
the domains in ".fr". But if I try to allow all my domains (with a
basedn=""), Freeradius refuses to authenticate the users.

In the logs, when there is a reject, I can see:
[ldap-inner-tunnel] performing user authorization for XXXXX
[ldap-inner-tunnel] 	expand: (mail=%{User-Name}) -> (mail=XXXXX.fr)
[ldap-inner-tunnel] 	expand:  ->
   [ldap-inner-tunnel] unable to create basedn.
++[ldap-inner-tunnel] returns invalid
Invalid user: [XXXXX.fr] (from client localhost port 0 via TLS tunnel)

I found a topic in the list 
in 2012, but there is no solution.

I am on Debian stable, Freeradius 2.1.12.

Thanks a lot.
