Might buy that book, thanks for the reply Alan. I have also posted the same q to the openldap mailing list so I hope to get some info from those people.

It's just quite frustrating, the govt has said we can only do it this 1 way (but they themselves have never done it) and I can't find any good docs/howtos that cover what I need in detail. All the howtos assume ldap communication works flawlessly 1st go but unfortunately it's definitely not the situation.

Thanks again Alan, going to make a call about the ldap book.

On 4/18/07, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Jacob Jarick wrote:
> > "ldapadd -d9 -x -D "cn=Manager,dc=tfxschool,dc=internal" -W -f
> > /etc/openldap/tfxschool.internal.ldif" -> http://pastebin.ca/445899
> >...
> > It seems to be similar if not the same problem I am having with FR
> > refusing to auth via ldap to our ADS server. I am stuck though I have
> > no idea how to resolve this error and unfortunately the howto assumes
> > it just works.
> >
> > Google suggests that it may be the result of my domain string
> > dc=tfxschool,dc=interternal, which looks correct to me. Our test
> > domain is tfxschool.internal . any help / suggestions/ insight would
> > be greatly appreciated.
>
> This is really an LDAP question. If you can't use LDAP tools to login
> to the LDAP server, you won't be able to use the same configuration in
> FreeRADIUS.
>
> Unfortunately, I don't use LDAP, so I can't help you here. The few
> times I have used it, I follow the O'Reilly LDAP book, and it works for me.
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html