Freeradius 3 - eDirectory Problem
Bebbet van Dinges
bebbet at bebbet.nl
Tue May 17 15:20:12 CEST 2016
Hello,
I'm trying to authorize/authenticate my wifi users against edirectory
with Freeradius3, which doesn't work. It worked with this configuration
in 2.2, but doesn't seem to provide the required result anymore.
I hope you can give me some pointers where to look next.
Yours sincerely,
Bebbet
from raddebug:
(74) Tue May 17 12:19:27 2016: Debug: openldap: Performing unfiltered
search in "", scope "sub"
(74) Tue May 17 12:19:27 2016: Debug: openldap: Waiting for search result...
(74) Tue May 17 12:19:30 2016: ERROR: openldap: Ambiguous search result,
returned 1723 unsorted entries (should return 1 or 0). Enable sorting,
or specify a more restrictive base_dn, filter or scope
(74) Tue May 17 12:19:30 2016: ERROR: openldap: The following entries
were returned:
[All the records in our directory\
/usr/loca/pf/raddb/modules-enabled/ldap:
ldap openldap {
server = "dns3.desaad.nl"
port = 636
identity = "cn=admin,o=desaad"
password = "You wish.."
basedn = "o=desaad"
# filter = "(cn=%{mschap:User-Name})"
filter
="(&(objectClass=inetOrgPerson)(uid=%{Stripped-User-Name:-%{User-Name}}))"
ldap_connections_number = 5
timeout = 4
timelimit = 3
net_timeout = 1
access_attr = cn
password_attribute = nspmPassword
tls {
start_tls = no
require_cert = "allow"
}
dictionary_mapping = ${confdir}/ldap.attrmap
edir_account_policy_check = yes
keepalive {
# LDAP_OPT_X_KEEPALIVE_IDLE
idle = 60
# LDAP_OPT_X_KEEPALIVE_PROBES
probes = 3
# LDAP_OPT_X_KEEPALIVE_INTERVAL
interval = 3
}
}
More information about the Freeradius-Users
mailing list