Ability to disable SSL certificate checking for LDAPS (636)?
Alan DeKok
aland at deployingradius.com
Thu Apr 25 20:40:11 UTC 2024
On Apr 25, 2024, at 3:55 PM, Chris Wopat <me at falz.net> wrote:
> I walked back my troubleshooting to just do unencrypted 389 LDAP
> non-tls non-ssl and well, I must have another issue. Somehow LDAP
> isn't expanding to actually search for the user?
That's odd.
> (0) Received Access-Request Id 8 from 10.189.5.22:1645 to
> 10.213.15.19:1812 length 69
> (0) User-Name = "MYUSER"
> <snip>
> (0) suffix: No '@' in User-Name = "MYUSER", looking up realm NULL
> (0) suffix: No such realm "NULL"
> <snip>
> (0) ldap: EXPAND (sAMAccountname=%{%{Stripped-User-Name}:-%{User-Name}})
> (0) ldap: --> (sAMAccountname=)
> <snip>
It should print out the strings it's expanding. i.e. %{Stripped-User-Name} --> ""
So something odd is going on. Which version are you running?
Alan DeKok.
More information about the Freeradius-Users
mailing list