Issue with OpenLdap and FreeRadius
Andrew Niemantsverdriet
andrew at rocky.edu
Thu Aug 21 20:11:03 CEST 2014
Sven,
Awesome, thanks for the hint. That was the issue now everything is working
as expected.
Thanks!
_
/-\ ndrew
On Thu, Aug 21, 2014 at 6:23 AM, Sven Hartge <sven at svenhartge.de> wrote:
> On 18.08.2014 18:17, Andrew Niemantsverdriet wrote:
>
> > I'm am using FreeRadius 2.1.12 from the CentOS repo and am trying to get
> > it working with OpenLDAP 2.3.43 also from the CentOS repo. Everything is
> > working great until I add and ACL to OpenLDAP that gives self write
> > access to sambaNTpassword. When that line is added FreeRadius will stop
> > authenticating clients.
>
> Do you use an ACL like:
>
> access to attrs=sambaNTpassword
> by self =w
>
> ? If so, then you granted write access, but no read access. You need to use
>
> access to attrs=sambaNTpassword
> by self =rw
>
> Note that there is a difference between writing
>
> access to attrs=sambaNTpassword
> by self write
>
> and
>
> access to attrs=sambaNTpassword
> by self =w
>
> The first one includes read access, the second one does not.
>
> Use the slapacl utility to test your ACLs and see the difference.
>
> Grüße,
> Sven.
>
>
>
>
--
_
/-\ ndrew Niemantsverdriet
Linux System Administrator
Academic Computing
(406) 238-7360
Rocky Mountain College
1511 Poly Dr.
Billings MT, 59102
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140821/debb83bc/attachment-0001.html>
More information about the Freeradius-Users
mailing list