The problem is solved! Sorry for the posting
Thanks
Berndt
On Tue, 2003-12-16 at 15:09, Sevcik Berndt wrote:
> Thanks for the tip with th NT Domain hack Brian.
>
> An other problem is the LDAP Query themself. I get no result for my Username. But
> the User exists and when I use the ldapsearch command with the
> same filter I also get an result.
>
> I use the latest CVS Version of Freeradius
> and openLDAP Version 2.1.22-1
>
> rlm_ldap: - authorize
> rlm_ldap: performing user authorization for sevcikb
> radius_xlat: '(uid=sevcikb)'
> radius_xlat: 'ou=People,ou=admin,dc=tgm.dc=ac,dc=at'
> ldap_get_conn: Got Id: 0
> rlm_ldap: performing search in ou=People,ou=admin,dc=tgm.dc=ac,dc=at, with filter
> (uid=sevcikb)
> rlm_ldap: object not found or got ambiguous search result
> rlm_ldap: search failed
> ldap_release_conn: Release Id: 0
>
> Hers my config:
>
> ldap {
> server = "localhost"
> identity = "cn=admin,dc=tgm,dc=ac,dc=at"
> password = xxx
> basedn = "ou=People,ou=admin,dc=tgm.dc=ac,dc=at"
> filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
>
> # base_filter = "(objectclass=radiusprofile)"
>
> # set this to 'yes' to use TLS encrypted connections
> # to the LDAP database by using the StartTLS extended
> # operation.
> # The StartTLS operation is supposed to be used with normal
> # ldap connections instead of using ldaps (port 689) connections
> start_tls = no
>
> # tls_cacertfile = /path/to/cacert.pem
> # tls_cacertdir = /path/to/ca/dir/
> # tls_certfile = /path/to/radius.crt
> # tls_keyfile = /path/to/radius.key
> # tls_randfile = /path/to/rnd
> # tls_require_cert = "demand"
>
> # default_profile = "cn=radprofile,ou=dialup,o=My Org,c=UA"
> # profile_attribute = "radiusProfileDn"
> # access_attr = "dialupAccess"
>
> # Mapping of RADIUS dictionary attributes to LDAP
> # directory attributes.
> dictionary_mapping = ${raddbdir}/ldap.attrmap
>
> ldap_connections_number = 5
>
> #
> # NOTICE: The password_header directive is NOT case insensitive
> #
> # password_header = "{clear}"
> #
> # The server can usually figure this out on its own, and pull
> # the correct User-Password or NT-Password from the database.
> #
> # Note that NT-Passwords MUST be stored as a 32-digit hex
> # string, and MUST start off with "0x", such as:
> #
> # 0x000102030405060708090a0b0c0d0e0f
> #
> # Without the leading "0x", NT-Passwords will not work.
> # This goes for NT-Passwords stored in SQL, too.
> #
> password_attribute = ntPassword
> # groupname_attribute = cn
> # groupmembership_filter =
> "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
> # groupmembership_attribute = radiusGroupName
> timeout = 4
> timelimit = 3
> net_timeout = 1
> # compare_check_items = yes
> # do_xlat = yes
> # access_attr_used_for_allow = yes
> }
>
> Thanks for help
> Berndt
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Diese Message wurde erstellt mit freundlicher Unterstuetzung
eines freilaufenden Pinguins aus artgerechter Freilandhaltung.
Sie ist garantiert frei von Microsoftschen Viren.
-----------------------------------------
TGM - Die Schule der Technik
IT-Service
A-1200 Wien, Wexstr. 19-23
Tel. +43(1)33126/316 Fax: +43(1)33126/154
E-Mail: [EMAIL PROTECTED]
-----------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
