On Thu, 7 Oct 2004, Michael Benton wrote:

> Hello,
>
> FreeRadius 1.0.1
> Linux RHES3.1
>
> Does anyone know how to configure the FreeRadius server to do an LDAP query on a Win2003 AD server, and to look at the whole AD tree?
> We have, for some unknown reason, multiple OUs with users in each, rather than one OU in which all users are configured.
> If I set the basedn to a particular OU, I can authenticate users OK, but when I set it back to the top level "dc=ukcl,dc=net" the auth fails with user unknown?
> I have used an LDAP browser to do a search from the same basedn="dc=ukcl,dc=net", with the "subtree" option active, and it finds the users OK. How do you specify the "subtree" option in the radiusd.conf file? Do I have to include "ou=*" as below?
>
> Any hints would be greatly appreciated.
>
>         ldap {
>                 server = "hqdc1.ukcl.net"
>                 identity = "cn=freeradius,ou=Administrators,dc=ukcl,dc=net"
>                 password = pExF%5Yf
>                 basedn = "dc=ukcl,dc=net"
>                 filter = "(&(ou=*)(objectClass=person)(samaccountname=%{User-Name}))"
>         .....
>         }
>
> I do not have OpenLDAP installed on my Linux box. Do I need this installed, even though I am directing queries to the Win2003 server directly?

Take a look at Global Catalog, see the list archives for details.

>
> Thanks
>
> Michael Benton
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

--
Kostas Kalevras         Network Operations Center
[EMAIL PROTECTED]       National Technical University of Athens, Greece
Work Phone:             +30 210 7721861
'Go back to the shadow' Gandalf
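
The Global Catalog suggestion above, written out as a radiusd.conf fragment (an added example, not from the original thread). It assumes hqdc1.ukcl.net holds the Global Catalog role and listens on the standard Global Catalog LDAP port 3268; the password is a placeholder.

```conf
# Added example: rlm_ldap pointed at the Active Directory Global Catalog.
ldap {
        # Assumption: this domain controller is also a Global Catalog server.
        server = "hqdc1.ukcl.net"

        # 3268 is the Global Catalog LDAP port; 389 is the ordinary domain
        # LDAP port. The Global Catalog answers a search from the top of the
        # tree itself instead of returning referrals to other naming contexts.
        port = 3268

        identity = "cn=freeradius,ou=Administrators,dc=ukcl,dc=net"

        # Placeholder: substitute the bind account's password.
        password = "REPLACE_WITH_BIND_PASSWORD"

        # Top of the tree, so users in every OU are in scope.
        basedn = "dc=ukcl,dc=net"

        # rlm_ldap searches the whole subtree below basedn, so the filter
        # only needs to identify the user; no (ou=*) clause is required.
        filter = "(&(objectClass=person)(sAMAccountName=%{User-Name}))"
}
```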
