Has anyone integrated FreeRadius/LDAP to a Remote Active Directory Server?

 

I am trying to integrate the two and need some examples of radiusd.conf for the LDAP to Active Directory.

 

I also tried uid=ron

And [EMAIL PROTECTED]

 

I have no organization, just a list of users under users directory in Active Directory.

 

The error that concerns me is

Tue Mar 11 08:40:06 2003 : Error: rlm_ldap: ldap_search() failed: Operations error

 

 

Anyone have a radiusd.conf that shows a good example?

Thanks,

Ron

Tue Mar 11 08:40:06 2003 : Debug: ldap_get_conn: Got Id: 0
Tue Mar 11 08:40:06 2003 : Debug: rlm_ldap: attempting LDAP reconnection
Tue Mar 11 08:40:06 2003 : Debug: rlm_ldap: closing existing LDAP connection
Tue Mar 11 08:40:06 2003 : Debug: rlm_ldap: (re)connect to 10.0.0.13:389, authentication 0
Tue Mar 11 08:40:06 2003 : Debug: rlm_ldap: bind as / to 10.0.0.13:389
Tue Mar 11 08:40:06 2003 : Debug: rlm_ldap: waiting for bind result ...
Tue Mar 11 08:40:06 2003 : Debug: rlm_ldap: performing search in dn=roncompany,dn=com, with filter (uid=ron@roncompany.com)
Tue Mar 11 08:40:06 2003 : Error: rlm_ldap: ldap_search() failed: Operations error
Tue Mar 11 08:40:06 2003 : Debug: rlm_ldap: search failed
Tue Mar 11 08:40:06 2003 : Debug: ldap_release_conn: Release Id: 0
Tue Mar 11 08:40:06 2003 : Debug:   modcall[authorize]: module "ldap" returns fail
Tue Mar 11 08:40:06 2003 : Debug: modcall: group authorize returns fail
Tue Mar 11 08:40:06 2003 : Debug: Finished request 16
Tue Mar 11 08:40:06 2003 : Debug: Going to the next request

What is in my radiusd.conf file...

        ldap {
                #server = "ldap.your.domain"
                server = "10.0.0.13"
                #identity = "cn=Administrator"
                #password =
                #basedn = "o=roncompany.com"
                basedn = "dn=roncompany,dn=com"
                filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"

                # set this to 'yes' to use TLS encrypted connections
                # to the LDAP database by using the StartTLS extended
                # operation.
                start_tls = no
                # set this to 'yes' to use TLS encrypted connections to the
                # LDAP database by passing the LDAP_OPT_X_TLS_TRY option to
                # the ldap library.
                tls_mode = no

                # default_profile = "cn=radprofile,ou=dialup,o=My Org,c=UA"
                # profile_attribute = "radiusProfileDn"
                access_attr = "dialupAccess"

                # Mapping of RADIUS dictionary attributes to LDAP
                # directory attributes.
                dictionary_mapping = ${raddbdir}/ldap.attrmap

                # ldap_cache_timeout = 120
                # ldap_cache_size = 0
                ldap_connections_number = 5
                # password_header = "{clear}"
                password_attribute = userPassword
                # groupname_attribute = cn

                # groupmembership_filter ="(|(&(objectClass=GroupOfNames)(member=%{LdapUserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
                # groupmembership_attribute = radiusGroupName
                timeout = 4
                timelimit = 3
                net_timeout = 1
                # compare_check_items = yes
                # access_attr_used_for_allow = yes
        }

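An added example, not part of the original post and not FreeRADIUS code: a small Python check that flags settings in an rlm_ldap block that do not fit Active Directory (anonymous bind, `dn=` instead of `dc=` components in the base DN, a `uid` filter where AD uses `sAMAccountName`, and no TLS once a bind password is in play). The service-account DN, the password placeholder, the `cn=Users` container and the finding names are assumptions made for illustration.

```python
import re

# Constructed from the active (uncommented) settings in the post.
POSTED = '''ldap {
        server = "10.0.0.13"
        #identity = "cn=Administrator"
        #password =
        basedn = "dn=roncompany,dn=com"
        filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
        start_tls = no
}'''

# Hypothetical corrected block; the account DN and password are placeholders.
CORRECTED = '''ldap {
        server = "10.0.0.13"
        identity = "cn=radius-svc,cn=Users,dc=roncompany,dc=com"
        password = "REPLACE_ME"
        basedn = "cn=Users,dc=roncompany,dc=com"
        filter = "(sAMAccountName=%{Stripped-User-Name:-%{User-Name}})"
        start_tls = yes
}'''

def parse_settings(conf):
    """Return active key/value pairs; lines starting with '#' never match."""
    settings = {}
    for line in conf.splitlines():
        m = re.match(r'([A-Za-z_]+)\s*=\s*"?(.*?)"?\s*$', line.strip())
        if m:
            settings[m.group(1)] = m.group(2)
    return settings

def audit(settings):
    """List the settings that conflict with how Active Directory serves LDAP."""
    findings = []
    if not settings.get("identity") or not settings.get("password"):
        findings.append("anonymous-bind")   # AD (2003+) rejects such searches by default
    rdn_types = [rdn.split("=")[0].strip().lower()
                 for rdn in settings.get("basedn", "").split(",") if "=" in rdn]
    if any(t not in ("dc", "ou", "cn", "o", "c", "l") for t in rdn_types):
        findings.append("bad-basedn")       # AD domain components are dc=, not dn=
    if re.search(r"\(uid=", settings.get("filter", ""), re.I):
        findings.append("uid-filter")       # AD logon names live in sAMAccountName
    if settings.get("start_tls", "no") != "yes" and settings.get("tls_mode", "no") != "yes":
        findings.append("cleartext-ldap")   # bind password would cross port 389 in clear
    return findings

if __name__ == "__main__":
    print("posted:   ", audit(parse_settings(POSTED)))
    print("corrected:", audit(parse_settings(CORRECTED)))
```
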