Freeradius + Ldap - Authorise OK but NO dynamic VLANs
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Mon Aug 22 19:59:34 CEST 2016
Hi,
in the output:
Mon Aug 22 17:43:18 2016 : Debug: rlm_ldap (ldap): Reserved connection (2)
Mon Aug 22 17:43:18 2016 : Debug: (0) Using user DN from request
"cn=ttester,cn=SeminaryAdmin,ou=SeminaryOU,dc=seminary,dc=local"
Mon Aug 22 17:43:18 2016 : Debug: (0) Checking user object's memberOf
attributes
Mon Aug 22 17:43:18 2016 : Debug: (0) Performing unfiltered search in
"cn=ttester,cn=SeminaryAdmin,ou=SeminaryOU,dc=seminary,dc=local", scope
"base"
Mon Aug 22 17:43:18 2016 : Debug: (0) Waiting for search result...
Mon Aug 22 17:43:18 2016 : Debug: (0) No group membership attribute(s)
found in user object
Mon Aug 22 17:43:18 2016 : Debug: rlm_ldap (ldap): Released connection (2)
Mon Aug 22 17:43:18 2016 : Debug: (0) User is not a member of
"SeminaryAdmin"
Mon Aug 22 17:43:18 2016 : Debug: (0) if (Ldap-Group ==
"SeminaryAdmin") -> FALSE
so the scope is wrong... or you havent defined the gorup stuff in ldap module?
I was at a site a couple of months back....we fought their LDAP schema for a few hours
ldapsearch came to the rescue....sorry, if you're not LDAP guru and really know your schema
its a case of trial and error and keep going at it. then ...bingo! you'll get it.
alan
More information about the Freeradius-Users
mailing list