FreeRadius 3.0.11 and Winbind
Albert K
alberk at gmail.com
Fri Nov 18 01:46:38 CET 2016
Thanks Mathew, The error is now resolved. For Windows Active Directory
LDAP the identity should be as below.
identity = "ldapuser at mycompany.com"
On Thu, Nov 17, 2016 at 7:49 PM, Matthew Newton <mcn4 at leicester.ac.uk>
wrote:
> On Thu, Nov 17, 2016 at 06:56:48PM +0800, Albert K wrote:
> > I am stuck with the Ldap module and need help. I can login with the user
> > account ldapuser to the AD and the password is all correct.
> >
> > The error I get from starting radiusd -X (freeradius version 3.0.11)
> >
> > rlm_ldap (ldap): Connecting to ldap://ad.mycompany.com:50000
>
> That's a weird port, but... OK.
>
> > rlm_ldap (ldap):Waiting for bind result....
> > rlm_ldap (ldap):Bind credentials incorrect: Invalid credentials
>
> Seems simple enough. LDAP username or password is wrong.
>
> > rlm_ldap (ldap):Server Said: 8009030C: LdapErr: DISD-0C0903C5, comment:
> > AcceptSecurityContext Error data 2030, v2580
> > rlm_ldap (ldap):Opening connection failed (0)
> > rlm_ldap (ldap): Removing connection pool
>
> > server ='ad.mycompay.com'
> > port = 50000
> > identity = 'cn=ldapuser,cn=users,dc=mycompany,dc=com'
> > password = 12345678
> > base_dn = 'dc=mycompany.dc=com'
> > .....
>
> Do those credentials work when passed to the ldapsearch utility?
>
> It's AD; maybe identity = "ldapuser at mycompany.com"?
>
> Matthew
>
>
> --
> Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>
>
> Systems Specialist, Infrastructure Services,
> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
>
> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
>
More information about the Freeradius-Users
mailing list