On 4/12/07, Alan DeKok <[EMAIL PROTECTED]> wrote:
Ryan Kramer wrote: > Apparently something in the ldap_escape_func is broken when talking to > Microsoft AD. The code does not distinguish between Microsoft AD and other LDAP servers.
Correct, it is very simple code and doesn't care. My guess is that it is Microsoft AD not acting like any other reasonable AD on the planet i suspect. I'll post my exact queries tomorrow, but as I mentioned, the only change was to revert that section of code back to the 1.0.1 version, recompile, and it works great. I hacked away at the configs for about 3 hours without any success using pretty much every trick I could think of to get it working. I SUSPECT something might not be escaped in a manner the MS AD server likes, or maybe just the fact it has any escape sequences built in at all is what is causing it to toss it. Hopefully tomorrow I'll be able to get some logs from our server admins to see exactly what the queries they receive look like.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
