ldap google auth

Antonio Cangiano antoniocangiano76sp at gmail.com
Wed Jul 13 17:50:10 UTC 2022


> rlm_ldap (ldap): Reserved connection (5)
> (5) ldap: Login attempt by "antoniocangiano"
> (5) ldap: Using user DN from request
> "uid=antoniocangiano,ou=Users,dc=iissgarrone,dc=edu,dc=it"
> (5) ldap: Waiting for bind result...
> (5) ldap: ERROR: Bind credentials incorrect: Invalid credentials
> (5) ldap: ERROR: Server said: Incorrect password.

I read the logs but I'm sure credentials are correct. When I try with
same credentials :

LDAPTLS_CERT=ldap-client.crt LDAPTLS_KEY=ldap-client.key ldapsearch
-H ldaps://ldap.google.com:636 -D 'WordySiame' -W -x  -b
"uid=antoniocangiano,ou=Users,dc=iissgarrone,dc=edu,dc=it"
'(uid=antoniocangiano)'
Enter LDAP Password:
ldap_bind: Success (0)
        additional info: Valid access code
# extended LDIF
#
# LDAPv3
# base <uid=antoniocangiano,ou=Users,dc=iissgarrone,dc=edu,dc=it> with
scope subtree
# filter: (uid=antoniocangiano)
# requesting: ALL
#

# antoniocangiano, Users, iissgarrone.edu.it
dn: uid=antoniocangiano,ou=Users,dc=iissgarrone,dc=edu,dc=it
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
uid: antoniocangiano
googleUid: antoniocangiano
posixUid: antoniocangiano
cn: antoniocangiano
cn: Antonio Cangiano
sn: Cangiano
displayName: Antonio Cangiano
givenName: Antonio
mail: antoniocangiano at iissgarrone.edu.it
title: sistemista
employeeType:
departmentNumber:
physicalDeliveryOfficeName:
uidNumber: 44267532
gidNumber: 44267532
homeDirectory: /home/antoniocangiano
loginShell: /bin/bash
gecos:
telephoneNumber: xxxxxxxxxx
suspended: false
apple-generateduid: D481B1E1-745E-4D01-A1A0-F47782A3780C

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

you can put me on the right way ?
Thanks

Il giorno mar 12 lug 2022 alle ore 14:39 Alan DeKok
<aland at deployingradius.com> ha scritto:
>
> On Jul 11, 2022, at 9:40 PM, Antonio Cangiano <antoniocangiano76sp at gmail.com> wrote:
> > I'd like to configure a google secure ldap authentication FreeRadius
> > server on Ubuntu 18.04 VM for wifi Omada and Unifi.
>
>   That should be reasonably straight forward.
>
> > nano /etc/freeradius/3.0/clients.conf -> in the end add ...
>
>   We don't need to see the configuration files, or what commands you ran.  The documentation is *very* clear on this.
> >
> > FreeRADIUS Version 3.0.16
> > Copyright (C) 1999-2017 The FreeRADIUS server project and contributors
>
>   That's 5 years old.  You should really be running an updated version of the server.  There are packages available on http://packages.networkradius.com
>
> > ...
> > rlm_ldap (ldap): Reserved connection (5)
> > (5) ldap: Login attempt by "antoniocangiano"
> > (5) ldap: Using user DN from request
> > "uid=antoniocangiano,ou=Users,dc=iissgarrone,dc=edu,dc=it"
> > (5) ldap: Waiting for bind result...
> > (5) ldap: ERROR: Bind credentials incorrect: Invalid credentials
> > (5) ldap: ERROR: Server said: Incorrect password.
>
>   That seems pretty clear.
>
>   It is very important to read the debug output.  Look for ERROR and WARNING.  Doing this will save you time and effort.  You won't have to post a long message explaining many things in detail.  Things which are irrelevant, because the error message is right there in the debug output.
>
>   Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list