LDAP Groups to Freeradius and then Ruckus Wireless?
Enrique Sainz Baixauli
enriquesainz.beca at intef.educacion.es
Wed May 28 13:36:21 CEST 2014
>> ldap : Attribute 'memberOf' not found in LDAP Object
>Then your user object contains no memberOf attributes, or your LDAP ACLs
are incorrect and preventing the memberOf attributes of user objects from
That's right, my user doesn't contain any memberOf attributes because I got
groups to work (via the users file) with member attributes in the groups, so
the users themselves don't have any attributes referring to the groups: the
groups contain attributes referring to the users. Would it be more correct
to make the users belong to the group by adding memberOf attributes to the
user objetcts, instead of using member attributes in the group objects?
As per the LDAP ACLs, I don't think they should be a problem because first,
I haven't set up any, and second, I'm authenticating against LDAP using the
first admin user I created (which should have read access to the whole
directory). Remember that this is a test deployment so it's quite simple:
LDAP server with two group objects, two user objects and only one user with
all the privileges, plus FR with (at the moment) only PAP working.
More information about the Freeradius-Users