Freeradius + Ldap - Authorise OK but NO dynamic VLANs

[Matthew Newton]

On Fri, Aug 19, 2016 at 03:24:34PM +0200, Matthew Pulis wrote:
> radius at daloradius:/etc/freeradius$ ldapsearch -h localhost -D
> "cn=admin,dc=seminary,dc=local" -w S3m1n4ry  -b
> "cn=ttester,cn=SeminaryAdmin,ou=SeminaryOU,dc=seminary,dc=local"
> filter="(&(cn=SeminaryAdmin)(|(&(objectClass=GroupOfNames)(member=cn\3dttester\2ccn\3dSeminaryAdmin\2cou\3dSeminaryOU\2cdc\3dseminary\2cdc\3dlocal))(&(objectClass=GroupOfUniqueNames)(uniquemember=cn\3dttester\2ccn\3dSeminaryAdmin\2cou\3dSeminaryOU\2cdc\3dseminary\2cdc\3dlocal))))"
> # extended LDIF
> #
> # LDAPv3
> # base <cn=ttester,cn=SeminaryAdmin,ou=SeminaryOU,dc=seminary,dc=local>
> with scope subtree
> # filter:
> filter=(&(cn=SeminaryAdmin)(|(&(objectClass=GroupOfNames)(member=cn\3dttester\2ccn\3dSeminaryAdmin\2cou\3dSeminaryOU\2cdc\3dseminary\2cdc\3dlocal))(&(objectClass=GroupOfUniqueNames)(uniquemember=cn\3dttester\2ccn\3dSeminaryAdmin\2cou\3dSeminaryOU\2cdc\3dseminary\2cdc\3dlocal))))
> # requesting: ALL
> #
> 
> ldap_search_ext: Bad search filter (-7)

Hmm, try expanding the escaped characters back to normal again for
ldapsearch (e.g. \3d to "=", \2c to ",", etc.)

> The thing is that this filter has been copied many a time from many
> tutorials and they all agree, could you please point out as from where I
> should start tackling the issue?

But do the tutorials exactly match your directory structure?

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>