Help PLease

Adam Schappell aschappell at
Mon Mar 30 17:48:20 CEST 2015

Hey Michael Thank you for your informative response unlike others here! I
really appreciate it. Since you seem a little more educated on this, I can
successfully do a ldapsearch and everything pops up successfully. When I do
a radtest "user" "password localhost 0 Password, I get access-reject, why
is this if all my ldap connections are good? Where do I switch off referral
chasing at? /etc/raddb/modules/ldap?

Thank you!

Adam Schappell
System Administrator II
Clearedge IT Solutions, LLC
10620 Guilford Road
Jessup, MD 20794
Fax:443-212-4809 <>

On Mon, Mar 30, 2015 at 11:11 AM, Michael Ströder <michael at>

> Alan DeKok wrote:
>> On Mar 30, 2015, at 9:39 AM, Adam Schappell <aschappell at>
>> wrote:
>>> Thanks for the suggestion, since I havent read it already 10 times.
>>> Thanks
>>> for a little insight tho, appreciate it.
>>    Really?  You’ve read it 10 times, and still don’t know what’s going on?
>>    If you (a) speak English, and (b) understand your LDAP schema, it
>> should be pretty clear.
>>   [ldap] performing search in dc=corp,dc=clearedgeit,dc=com, with filter
>> (uid=radius)
>>   [ldap] rebind to URL ldap://
>> clearedgeit,DC=com
>>   [ldap] rebind to URL ldap://
>> DomainDnsZones,DC=corp,DC=clearedgeit,DC=com
>>   [ldap] rebind to URL ldap://
>>   [ldap] object not found
>>    Do the words “not found” mean anything?
>>    The server prints out the LDAP searches it’s doing.  It prints them
>> out for a REASON.  So you can READ THEM, and manually verify them against
>> the LDAP tree.
> Hmm, this looks like the referrals in MS AD are automagically chased.
> LDAPv3 referrals are a broken concept anyway and I doubt that FreeRADIUS in
> particular will find any meaningful entries in the referred AD containers
> above.
> => I'd switch off referral chasing to avoid this noise in the logs.
> This does *not* mean that checking with LDAP client tools is not useful in
> general.
> Ciao, Michael.
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list