Freeradius with ldap authentication

Stefan Paetow Stefan.Paetow at jisc.ac.uk
Tue Jun 27 10:46:22 CEST 2017 

>Hello before i ask this question, i already read and try the freeradius +
>ldap authentication from https://wiki.freeradius.org/protocol/LDAP and
>http://confluence.diamond.ac.uk/display/PAAUTH/Using+LDAP+as+authenticatio
>n+source.
>But now i'm kinda stuck with that both documentation, because everytime i
>test the user in ldap (using radtest) i get "no DN found". I already check
>that the dn has properly set up (i'm using phpldapadmin to create user in
>
>

If you get 'no DN found', then you need to tweak the LDAP search
parameters to search for your user correctly. The documentation only
covers FreeRADIUS and the LDAP module specifically, *not* how you set up
your LDAP or where your user resides.

>Tue Jun 27 05:54:43 2017 : Debug: rlm_ldap (ldap): Bind successful
>Tue Jun 27 05:54:43 2017 : Debug: rlm_ldap (ldap): Reserved connection (6)
>Tue Jun 27 05:54:43 2017 : Debug: (1) ldap: EXPAND TMPL XLAT
>Tue Jun 27 05:54:43 2017 : Debug:
>(uid=%{%{Stripped-User-Name}:-%{User-Name}})
>Tue Jun 27 05:54:43 2017 : Debug: (1) ldap: EXPAND
>(uid=%{%{Stripped-User-Name}:-%{User-Name}})
>Tue Jun 27 05:54:43 2017 : Debug: (1) ldap:    --> (uid=teke)
>Tue Jun 27 05:54:43 2017 : Debug: (1) ldap: EXPAND TMPL LITERAL
>Tue Jun 27 05:54:43 2017 : Debug: (1) ldap: Performing search in "" with

Use something like 'ldapsearch' to search the LDAP for your user. Right
here it says it's searching in "" (i.e. In an empty organisation
location)... Does your LDAP require something like an ou (organisational
unit), or a dn (domain name), I.e. 'dn=myorg,dn=org'? Figure this out with
ldapsearch, then fix your FreeRADIUS ldap configuration accordingly.

Then try again with your authentication.

Stefan Paetow
Moonshot Industry & Research Liaison Coordinator

t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at jabber.dev.ja.net
skype: stefan.paetow.janet

jisc.ac.uk

Jisc is a registered charity (number 1149740) and a company limited by
guarantee which is registered in England under Company No. 5747339, VAT
No. GB 197 0632 86. JiscĀ¹s registered office is: One Castlepark, Tower
Hill, Bristol, BS2 0JA. T 0203 697 5800.


>

More information about the Freeradius-Users mailing list