LDAP Module : basedn empty -> error

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Nov 29 22:29:20 CET 2013


On 29 Nov 2013, at 21:28, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:

> 
> On 29 Nov 2013, at 17:31, Dominique Fournier <dominique.fournier at grenoble.cnrs.fr> wrote:
> 
>> Hi
>> 
>> I just tried with a space in it and it doesn't work.
>> I have the logs:
>> [ldap-inner-tunnel] performing user authorization for richard.heral
>> [ldap-inner-tunnel] 	expand: (mail=%{User-Name}) -> (mail=XXXX.fr)
>> [ldap-inner-tunnel] 	expand:   ->
>> [ldap-inner-tunnel] ldap_get_conn: Checking Id: 0
>> [ldap-inner-tunnel] ldap_get_conn: Got Id: 0
>> [ldap-inner-tunnel] attempting LDAP reconnection
>> [ldap-inner-tunnel] (re)connect to ldaps://XXXXXfr:636, authentication 0
>> [ldap-inner-tunnel] bind as uid=XXXXX=fr/YYYY to ldaps://XXXXX.fr:636
>> [ldap-inner-tunnel] waiting for bind result ...
>> [ldap-inner-tunnel] Bind was successful
>> [ldap-inner-tunnel] performing search in  , with filter (mail=XXXX.fr)
>> [ldap-inner-tunnel] ldap_search() failed: Invalid DN syntax
>> [ldap-inner-tunnel] search failed
>> [ldap-inner-tunnel] ldap_release_conn: Release Id: 0
>> ++[ldap-inner-tunnel] returns fail
>> 
>> So there is no solution for me... except to go to FreeRADIUS 3.
>> 
>> Do you think a patch can be processed to the 2.x branch without changing everything?
> 
> Sure. Can you make sure this actually fixes it though? I'm not sure how libldap will deal with zero length basedn strings.

For it to work you actually need to comment out basedn in the config.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
