Problem with two ldap connections

Alan DeKok aland at
Wed Mar 15 00:23:29 CET 2017

On Mar 14, 2017, at 2:56 AM, Jörn Volkhausen <volkhausen.joern at> wrote:
> Can anyone explain me why freeradius use two different userdn's for the
> same ldap configuration [ldap-kap-staging]?

  If you read the debug output, you will see that the LDAP server is returning a redirect.  FreeRADIUS is just following that.

> That he is authorizing the user is good, but why is freeradius using the
> wrong dn at the authenticate stage for the same ldapconfig?

  Because your LDAP server is telling FreeRADIUS to use that DN.

  If you want FreeRADIUS to use the right DN, fix your LDAP server so that it doesn't return a redirect.

  Alan DeKok.

More information about the Freeradius-Users mailing list