ldap configuration & the mysterious filter ="(uid=%u)"
Matthew Newton
mcn4 at leicester.ac.uk
Tue Feb 9 22:58:38 CET 2016
Just to clear up why it worked after replacing the broken
configuration with the working one...
On Tue, Feb 09, 2016 at 01:40:00PM -0500, Walter Moore wrote:
> /etc/raddb/mods-enables/ldap:
> [...]
> ldap {
> server = "ldap.eckerd.edu"
> identity = "cn=directory manager"
> password = *********
> basedn = "dc=eckerd,dc=edu"
> * filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"*
This is old v2 config, filter= is directly in the ldap{} section,
not in the user{} sub-section.
> LDAP output from radiusd -X
> ldap {
> server = "ldap.eckerd.edu"
> port = 389
> password = <<< secret >>>
> identity = "cn=directory manager"
This:
> user {
> * filter = "(uid=%u)"*
... is in the user{} subsection.
On Tue, Feb 09, 2016 at 02:09:21PM -0500, Alan DeKok wrote:
> It's not a new install. You have configuration left over from an old version of FreeRADIUS.
Exactly.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list