LDAP Module : basedn empty -> error
Alan DeKok
aland at deployingradius.com
Fri Nov 29 16:57:27 CET 2013
Dominique Fournier wrote:
> In the logs, when there is a reject, I can see :
> [ldap-inner-tunnel] performing user authorization for XXXXX
> [ldap-inner-tunnel] expand: (mail=%{User-Name}) -> (mail=XXXXX.fr)
> [ldap-inner-tunnel] expand: ->
> [ldap-inner-tunnel] unable to create basedn.
Try creating the basedn which contains only a space. That might work.
The LDAP module is generally intended to search within a particular
base DN. It can be a security risk to allow searching of the entire tree.
Or, you can configure two LDAP modules. One to search in .fr, and the
other to search in .org.
Alan DeKok.
More information about the Freeradius-Users
mailing list