Leighton Man wrote: > I have, in the ldap module configuration: > > chase_referrals = yes > rebind = yes
That's good... > I'm running version 2.1.6 on Solaris doing lookups against Active Directory. > > I get, in the debug: > > rlm_ldap: Bind was successful > rlm_ldap: performing search in dc=ad, dc=hud, dc=ac, dc=uk, with filter > (sAMAccountName=mytestusername) > rlm_ldap: ldap_search() failed: Operations error > rlm_ldap::ldap_groupcmp: search failed That's bad. > Has anyone got latest information on what causes this or how to fix it. I > have a workaround but it's not ideal. > I assume trying to get more helpful information out of Microsoft AD is pretty > futile but has anyone any clues as to what "operations error" realy means? > The workaround is to specify a container in the search but as the number of > possible containers for a search increases things rapidly begin to get out of > hand ..... Microsoft says "it means error in operation". Nice. How many AD servers do you have? Is the FreeRADIUS server (i.e. admin account) allowed to do the queries?[ Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html