LDAP + SASL Freeradius 3.0.11

Matthew Beckler mbeckler at overturecenter.org
Tue May 10 19:04:37 CEST 2016



-----Original Message-----
From: Danner, Mearl [mailto:jmdanner at samford.edu] 
Sent: Tuesday, May 10, 2016 10:00 AM
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: RE: LDAP + SASL Freeradius 3.0.11



> -----Original Message-----

>I'll try again.
>Have you tried simple authentication with ldapsearch i.e.:
>ldapsearch -x -h host -b basedn -D binddn -W <search parameters>
 Hello my AD environment requires signing so a simply bind will not work as I receive the error " Strong(er) authentication required (8)"
 I can tell that the username and password are correct on the simple bind however because if the username and password are wrong I get the 52e error bind however when using correct username and   password I receive the stronger authentication required message.

>The mechanism in AD is different with SASL DIGEST-MD5 and simple authentication.
>https://msdn.microsoft.com/en-us/library/cc223500.aspx
>Third paragraph explains how one might receive the "invalid credentials" error.

I will research this documentation thanks for the link.


>Also, have you tried changing the password for the user in case there is some Unicode UTF8 magic going on?
Yes I tried removing all characters except UpperLower Case Alphanumeric and also I shortened it as it was 14 characters in the beginning.

Thanks again for assisting.

Matt





More information about the Freeradius-Users mailing list