Freeradius + Ldap - Authorise OK but NO dynamic VLANs

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Mon Aug 22 19:59:34 CEST 2016


Hi,


in the output:

Mon Aug 22 17:43:18 2016 : Debug: rlm_ldap (ldap): Reserved connection (2)
Mon Aug 22 17:43:18 2016 : Debug: (0)     Using user DN from request
"cn=ttester,cn=SeminaryAdmin,ou=SeminaryOU,dc=seminary,dc=local"
Mon Aug 22 17:43:18 2016 : Debug: (0)     Checking user object's memberOf
attributes
Mon Aug 22 17:43:18 2016 : Debug: (0)       Performing unfiltered search in
"cn=ttester,cn=SeminaryAdmin,ou=SeminaryOU,dc=seminary,dc=local", scope
"base"
Mon Aug 22 17:43:18 2016 : Debug: (0)       Waiting for search result...
Mon Aug 22 17:43:18 2016 : Debug: (0)     No group membership attribute(s)
found in user object
Mon Aug 22 17:43:18 2016 : Debug: rlm_ldap (ldap): Released connection (2)
Mon Aug 22 17:43:18 2016 : Debug: (0)     User is not a member of
"SeminaryAdmin"
Mon Aug 22 17:43:18 2016 : Debug: (0)     if (Ldap-Group ==
"SeminaryAdmin")  -> FALSE



so the scope is wrong... or you havent defined the gorup stuff in ldap module? 

I was at a site a couple of months back....we fought their LDAP schema for a few hours
ldapsearch came to the rescue....sorry, if you're not LDAP guru and really know your schema
its a case of trial and error and keep going at it.  then ...bingo!  you'll get it.

alan


More information about the Freeradius-Users mailing list