UserDN escape problem and Group membership checking in 3.0.3

Arran Cudbard-Bell a.cudbardb at freeradius.org
Wed Nov 19 20:35:23 CET 2014


> On 19 Nov 2014, at 13:17, Winders, Timothy A <twinders at southplainscollege.edu> wrote:
> 
> I have FreeRadius 3.0.3 installed on Ubuntu 14.0.4 (free radius
> 3.0.3-ppa1~trustry package)
> 
> I have everything setup with Active Directory for user authentication.
> This is working correctly, but I am having a problem with Active Directory
> group membership checking. It appears the problem is with the way
> FreeRadius escapes the UserDN when doing the query.

Yeah pairparsevalue was molesting the DN string before writing it to the
DN attribute.

It shouldn't really have been de-escaping \, as it's not something we
escape normally, and the LDAP code shouldn't of been calling a function
that used pairparsevalue anyway.

So i've fixed both those issues. The fix will go in 3.0.5 which'll be 
released very soon. If you could build from v3.0.x HEAD and check it's
resolved, that'd be helpful.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2



More information about the Freeradius-Users mailing list