> > Wayne Van der Merwe wrote: > > I have FreeRADIUS 2.1.1 setup on SUS server 10.1 > > > > We are wanting to do a LDAP connection to Novell edirectory server for > > our users. > > > > From the debug out put the LDAP session binded corectly > > The searched part failed. > > > > I would like to know did the radius server send out the loging name as > > uid=53986067? as indicated below. > > rlm_ldap: performing search in > > ou=USERS,ou=ELS-FRERE,ou=AMATOLA,ou=HLT,o=EC, with filter (uid=53986067) > > Because: > > 1) the Access-Request contains "53986067" as the User-Name > 2) the ldap module is configured to use "uid=%{User-Name}" > > This is all shown in the debug output. > > > When i do a ldapsearch -h 10.219.176.30 -b > > ou=USERS,ou=ELS-FRERE,ou=AMATOLA,ou=HLT,o=EC -x "uid=53986067" > > I get no results. > > > > If i use -x "cn=53986067" the user is found. > > So... edit the ldap module configuration to use "cn=%{User-Name}" > instead of "uid". There's a reason the configuration files are text: > they can be edited. > > Alan DeKok. > > > > ------------------------------ > > Noted After the change i have this problem in the debug output
rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: performing search in ou=USERS,ou=ELS-FRERE,ou=AMATOLA,ou=HLT,o=EC, with filter (cn=53986067) [ldap] No default NMAS login sequence [ldap] looking for check items in directory... [ldap] looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? [ldap] user 53986067 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 The "[ldap] No default NMAS login sequence how do i sort this out?" and "WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly?" is to do with a clear text password that radius needs to read from the LDAP server as per other posts. how or where do i sort this out. Is this also related to the NMAS login sequence?
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html