LDAP-UserDN is not unique per ldap module instance (auth problem when multiple ldap module instances used)
Kostas Zorbadelos
kzorba at otenet.gr
Sun Sep 16 22:05:08 CEST 2018
On Παρ, Σεπ 14 2018 at 08:32:21 πμ, Alan DeKok <aland at deployingradius.com> wrote:
Hello,
tested with the latest 3.0.x branch, authentication does not work. I
think some more work has to be done in the patch. From what I
understand, mod_authenticate() in rlm_ldap.c calls rlm_ldap_find_user()
that I see gets directly LDAP-UserDN and not the module specific
instance
https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/src/modules/rlm_ldap/ldap.c#L1104
Regards,
Kostas
> On Sep 14, 2018, at 8:04 AM, Kostas Zorbadelos <kzorba at otenet.gr> wrote:
>> Is this by design? I would expect each module instance to have its own
>> LDAP-UserDN and use that when used in authentication. Am I missing
>> something, or is this something worth of raising a github issue?
>
> I've pushed a fix: https://github.com/FreeRADIUS/freeradius-server/commit/803cbea51b17620f467dd1c6d19172e892cd164b
>
> Please verify it and get back to me. We should be releasing 3.0.18 soon.
>
> Alan DeKok.
>
--
Kostas Zorbadelos http://gr.linkedin.com/in/kzorba
More information about the Freeradius-Users
mailing list