Access permissions FreeRadius-Google LDAP failed
Benjamin Diehl
benjamin.diehl at foundationacademy.net
Tue Oct 5 14:16:35 CEST 2021
I am trying to figure out what could be causing this issue with FreeRadius and Google LDAP. I am getting a few errors when FreeRadius is trying to search for the user. I bolded the Error spots. I have tried multiple different username and password combos in the LDAP section, even tried it without. The accounts I have tested with have Super admin access and then I have triple checked the info when it's the Google LDAP credentials.
(2) suffix: Checking for suffix after "@"
(2) suffix: Looking up realm "foundationacademy.net" for User-Name = "benjamin.diehl at foundationacademy.net"
(2) suffix: Found realm "foundationacademy.net"
(2) suffix: Adding Stripped-User-Name = "benjamin.diehl"
(2) suffix: Adding Realm = "foundationacademy.net"
(2) suffix: Proxying request from user benjamin.diehl to realm foundationacademy.net
(2) suffix: Preparing to proxy authentication request to realm "foundationacademy.net"
(2) [suffix] = updated
(2) eap: Request is supposed to be proxied to Realm foundationacademy.net. Not doing EAP.
(2) [eap] = noop
(2) [files] = noop
rlm_ldap (ldap): Closing connection (6): Hit idle_timeout, was idle for 60839 seconds
rlm_ldap (ldap): You probably need to lower "min"
rlm_ldap (ldap): Closing connection (7): Hit idle_timeout, was idle for 60839 seconds
rlm_ldap (ldap): You probably need to lower "min"
rlm_ldap (ldap): 0 of 0 connections in use. You may need to increase "spare"
rlm_ldap (ldap): Opening additional connection (8), 1 of 32 pending slots used
rlm_ldap (ldap): Connecting to ldaps://ldap.google.com:636
rlm_ldap (ldap): Waiting for bind result...
ber_get_next failed.
rlm_ldap (ldap): Bind successful
rlm_ldap (ldap): Reserved connection (8)
(2) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(2) ldap: --> (uid=benjamin.diehl)
(2) ldap: Performing search in "dn=foundationacademy,dc=net" with filter "(uid=benjamin.diehl)", scope "sub"
(2) ldap: Waiting for search result...
(2) ldap: ERROR: Failed performing search: Insufficient access. Check the identity and password configuration directives
rlm_ldap (ldap): Released connection (8)
Need 2 more connections to reach min connections (3)
rlm_ldap (ldap): Opening additional connection (9), 1 of 31 pending slots used
rlm_ldap (ldap): Connecting to ldaps://ldap.google.com:636
rlm_ldap (ldap): Waiting for bind result...
ber_get_next failed.
rlm_ldap (ldap): Bind successful
(2) [ldap] = fail
(2) } # authorize = fail
(2) Invalid user (ldap: Failed performing search: Insufficient access. Check the identity and password configuration directives): [benjamin.diehl at foundationacademy.net] (from client localhost port 0 cli 50-E0-85-F7-E2-0C)
More information about the Freeradius-Users
mailing list