Dusty Doris wrote:

Hi all,

excuse me for my bad English, I'm Italian.
I would like to create a structure which controls the users' access to a WLAN
by an auth-ldap.
I have created an LDAP directory with basedn dc=unime,dc=it.
Now, as is written in the ldap_tutorial in the doc/ directory, I try to
import this ldif file (modified for my interest). The authentication is to
be with the EAP-TLS protocol (it works fine), therefore I've deleted the
sections for the passwords and for authentication.

dn: dc=unime,dc=it
objectClass: dcObject
objectClass: organizationUnit
ou: Unime.it Radius
dc: unime

dn: ou=radius,dc=unime,dc=it
objectclass: organizationalunit
ou: radius

dn: ou=profiles,ou=radius,dc=unime,dc=it
objectclass: organizationalunit
ou: profiles

dn: ou=users,ou=radius,dc=unime,dc=it
objectclass: organizationalunit
ou: users

dn: uid=WLAN,ou=profiles,ou=radius,dc=unime,dc=it
objectclass: radiusprofile
uid: WLAN
radiusServiceType: Framed-User
radiusFramedProtocol: PPP
radiusFramedIPNetmask: 255.255.255.0
radiusFramedRouting: None

dn: uid=Felice,ou=users,ou=radius,dc=mydomain,dc=com
objectclass: radiusProfile
uid: Felice
radiusGroupName: WLAN

The entry with uid=WLAN doesn't work; the message returned is
invalid syntax #0 approximately... I don't have my PC here.

Can anyone help me?


Check the RADIUS-LDAPv3.schema file that you used.  That howto doc was
using an old one that used uid, the new one uses cn.  Go down to the
objectclass of radiusprofile and look what it says in MUST.  If it says
cn, then you will need to use cn or change that to uid.

example:

dn: cn=WLAN,ou=profiles,ou=radius,dc=unime,dc=it
objectclass: radiusprofile
cn: WLAN
radiusServiceType: ....

OR change that file.

objectclass
  ( 1.3.6.1.4.1.3317.4.3.2.1
     NAME 'radiusprofile'
     SUP top AUXILIARY
     DESC ''
     MUST cn

to

objectclass
  ( 1.3.6.1.4.1.3317.4.3.2.1
     NAME 'radiusprofile'
     SUP top AUXILIARY
     DESC ''
     MUST uid


I'd recommend just using cn, so you don't have to remember to modify it
every time you install freeradius on a machine.

-Dusty Doris
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




I have tried both solutions but they don't work!!! :'(
This is the output:

#ldapadd -x -D "cn=Manager,dc=unime,dc=it" -W -f example.ldif
Enter LDAP Password:
adding new entry "ou=radius, dc=unime,dc=it"

adding new entry "ou=profiles, ou=radius,dc=unime,dc=it"

adding new entry "ou=users, ou=radius,dc=unime,dc=it"

adding new entry "cn=WLAN, ou=profiles,ou=radius,dc=unime,dc=it"
ldap_add: Invalid syntax (21)
       additional info: objectclass: value #0 invalid per syntax



I forgot:
I have deleted the first entry:

dn: dc=unime,dc=it
objectClass: dcObject
objectClass: organizationUnit
ou: Unime.it Radius
dc: unime


because it doesn't work at all. Without this entry the entries for ou=radius, ou=profiles, ou=users work, and I get the error output above.
With this entry I get an error on the first entry.

Can anyone help me??
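
Added example, not part of the original thread and not FreeRADIUS or OpenLDAP code: a pre-import check that compares each entry's objectClass values and attributes against the classes and MUST attributes a schema defines, which is the comparison the reply above asks for by hand. The schema excerpt, the trimmed LDIF and the function names parse_schema and check are constructed for illustration.

```python
import re

# Constructed schema excerpt (assumption): stands in for the schema files the
# directory server has loaded; radiusprofile is the "MUST cn" variant.
SCHEMA = """
objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' SUP top AUXILIARY MUST dc )
objectclass ( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL MUST ou )
objectclass ( 1.3.6.1.4.1.3317.4.3.2.1 NAME 'radiusprofile'
     SUP top AUXILIARY DESC '' MUST cn )
"""
# Entries shaped like the LDIF in the thread, trimmed for the example.
LDIF = """\
dn: dc=unime,dc=it
objectClass: dcObject
objectClass: organizationUnit
dc: unime

dn: uid=WLAN,ou=profiles,ou=radius,dc=unime,dc=it
objectclass: radiusprofile
uid: WLAN
"""

def parse_schema(text):
    """Map each lowercased class name to its set of MUST attributes."""
    classes = {}
    for block in re.split(r"(?im)^objectclass\b", text)[1:]:
        name = re.search(r"NAME\s+'([^']+)'", block).group(1).lower()
        must = re.search(r"MUST\s+(\([^)]*\)|[\w-]+)", block)
        attrs = re.findall(r"[\w-]+", must.group(1)) if must else []
        classes[name] = {a.lower() for a in attrs}
    return classes

def check(ldif, schema):
    """List (dn, problem) for unknown classes and absent MUST attributes."""
    classes, problems = parse_schema(schema), []
    for chunk in re.split(r"\n\s*\n", ldif.strip()):
        attrs = {}  # lowercased attribute name -> list of values
        for key, _, value in (l.partition(":") for l in chunk.splitlines()):
            attrs.setdefault(key.strip().lower(), []).append(value.strip())
        dn = attrs["dn"][0]
        for i, oc in enumerate(attrs.get("objectclass", [])):
            if oc.lower() not in classes:
                problems.append((dn, f"objectclass value #{i} '{oc}' unknown"))
            for attr in sorted(classes.get(oc.lower(), set()) - set(attrs)):
                problems.append((dn, f"{oc} requires '{attr}'"))
    return problems

if __name__ == "__main__":
    print(*(f"{dn}: {p}" for dn, p in check(LDIF, SCHEMA)), sep="\n")
```

To use it against a real server, replace SCHEMA with the text of the schema files that server actually includes; class and attribute names are compared case-insensitively.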




