Authentication us mySQL and AD(LDAP)

chenjiang chenjiang at
Wed May 27 11:17:03 CEST 2015

   Hi! Alan

   Thanks for the information.

   I still have one more question for the authentication logic, if the
   backend LDAP authentication fail but SQL authentication OK (the
   scanario is for WIFI access, internal employees account stored in LDAP
   and visitor account stored in mySQL), will FreeRADIUS returns
   âAuth-Acceptâ or âAuth-Rejectâ?
   Chen Jiang
   Microshield Technology Co., Ltd
   å京å¸æµ·æ·åºè¥¿ä¸ç¯åè·¯50å·è±ªæ大å¦C2座18-19å± 100048
   [1]chenjiang at
   å件人: Alan DeKok<aland at>
   æ¶ä»¶äºº: FreeRadius users mailing
   list<freeradius-users at>
   åéæ¶é´: 2015å¹´5æ26æ¥(å¨äº)â20:24
   主é¢: Re: Authentication us mySQL and AD(LDAP)
On May 25, 2015, at 10:06 PM, chenjiang <[2]chenjiang at> wrote:
>   Sorry for disturbing, I am struggleing with FreeRADIUS user
>   authentication through Windows AD(LDAP), but I found when enable LDAP
>   mySQL backend is not works any more.

  That shouldn't happen.  Odds are something else is going wrong.

>   From debug output(radius -X), we found even mySQL module returns
>   OK,FreeRADIUS still returns Accept-Reject when LDAP module returns
>   fail.

  Well, if the LDAP module fails, that's a problem.

>     [ldap] ldap_search() failed: Operations error

  Read raddb/modules/ldap.  Look for "operations error".  If it doesn't appear t
here, upgrade to 2.2.8.  This issue is fixed, and documented.

  And yes, you can use LDAP and MySQL at the same time.  There's no magic.  You
just use both, and both work.

  Alan DeKok.

List info/subscribe/unsubscribe? See [3]


   1. mailto:chenjiang at
   2. mailto:chenjiang at

More information about the Freeradius-Users mailing list