group authorization
Brendan Kearney
bpk678 at gmail.com
Wed Mar 26 21:47:36 CET 2014
> Could you please post the output of:
>
> ldapsearch -h ldap.bpk2.com -D "cn=Manager,dc=bpk2,dc=com" -W -b dc=bpk2,dc=com "(uid=brendan)"
>
> and similar for a group search?
[brendan at desktop ~]$ ldapsearch -h ldap1 "(uid=brendan)"
SASL/GSSAPI authentication started
SASL username: brendan at BPK2.COM
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <dc=bpk2,dc=com> (default) with scope subtree
# filter: (uid=brendan)
# requesting: ALL
#
# brendan, Users, bpk2.com
dn: uid=brendan,ou=Users,dc=bpk2,dc=com
cn: Brendan Kearney
displayName: Brendan Kearney
gecos: Brendan Kearney,,blah,blah,blah
gidNumber: 513
givenName: Brendan
homeDirectory: /home/brendan
homePhone: blah
loginShell: /bin/bash
sambaAcctFlags: [U]
sambaKickoffTime: 2147483647
sambaLMPassword: ***REMOVED***
sambaLogoffTime: 2147483647
sambaLogonTime: 0
sambaNTPassword: ***REMOVED***
sambaPwdCanChange: 0
sambaPwdLastSet: 1331640042
sambaPwdMustChange: 1335528042
sambaSID: S-1-5-21-xxx-xxx-xxx-xxx
sn: Kearney
telephoneNumber:
uid: brendan
uidNumber: 1002
userPassword:: ***REMOVED***
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
objectClass: radiusprofile
radiusReplyItem: Cisco-AVPair = "shell:priv-lvl=15"
l: blah
shadowMax: 45
shadowLastChange: 16112
# search result
search: 5
result: 0 Success
# numResponses: 2
# numEntries: 1
------------------------------------------------------------
[brendan at desktop ~]$ ldapsearch -h ldap1 "(cn=netEngineers)"
SASL/GSSAPI authentication started
SASL username: brendan at BPK2.COM
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <dc=bpk2,dc=com> (default) with scope subtree
# filter: (cn=netEngineers)
# requesting: ALL
#
# netEngineers, Groups, bpk2.com
dn: cn=netEngineers,ou=Groups,dc=bpk2,dc=com
cn: netEngineers
objectClass: groupOfNames
objectClass: top
objectClass: radiusprofile
radiusReplyItem: Cisco-AVPair = "shell:priv-lvl=15"
member: uid=brendan,ou=Users,dc=bpk2,dc=com
radiusGroupName: netEngineers
# search result
search: 5
result: 0 Success
# numResponses: 2
# numEntries: 1
More information about the Freeradius-Users
mailing list