# Line in radius.log:
# Auth: Login incorrect: [myusername] (from client wall1-wigate1
port 122 cli 00-1C-CC-C3-C7-1A)
reject
# Line in radius.log:
# Auth: Invalid user: [myusername] (from client wall1-wigate1 port
122 cli 00-1C-CC-C3-C7-1A)
}
}
--
Daniele ALBRIZIO -
_search() failed: Operations error
rlm_ldap::ldap_groupcmp: search failed
I had the same problem in php and I solved it using ldap_set_option($ds,
LDAP_OPT_REFERRALS, 0); in this manner don't following referrals.
Is it possible to set such an option in rlm_ldap or in some system
config file for
we turn off referrals.
# This *may* cause problems if multiple forests are used with AD.
deref never
referrals no
Yes! It _does_ work!
Thank you very much to Tarun and Kostas for the useful and quick hints
you gave me!
--
Daniele ALBRIZIO - [EMAIL PROTECTED]
Settore Tecnologie di B
I have to link a microsoft active directory in my workplace not under my
rooty control.
The user DN in AD are stored in the following format (please don't ask
me why!):
CN=ALBRIZIO DANIELE (5620),OU=9800,OU=personale,DC=ds,DC=units,DC=it
Yes, with parenthesis!
In radiusd.conf I have this configurat
Christopher Price wrote:
Is there an option that you can put in the ldap section of the
configuration to tell the server to dereference an aliased object in the
LDAP directory?
Me too have interest about this topic.
I also need to ignore referrals given by an ldap server.
--
Daniele
00"
Somebody knows if such a feature has ever been included in Freeradius?
Expiration attribute doesn't permit a "not-before" behaviour, Login-Time
attribute doesn't permit month/year specification.
Daniele Albrizio
Old Post ==
Alan DeKok wrote:
> Daniele Albrizio wrote:
>> In an old post Alan DeKok said he would patch freeradius to support
>> temporary accounts using attributes like
>>
>> Date > "January 1 2010 13:00"
>> Date > "January 12 2010 13:00"
>
33
ldap_pvt_connect: 0
TLS: peer cert untrusted or revoked (0x42)
TLS: can't connect: (unknown error code).
ldap_err2string
I suspect the "cacertfile" attribute is not correctly re-instantiated
and only the value of the first request is used to check against when
inst
On 03/05/11 19:00, Daniele Albrizio wrote:
> I've two ldaps backends instantiated like:
Forgot...
Using compiled freeradius-server-2.1.10 on Debian GNU/Linux 6.0
--
Daniele ALBRIZIO - albri...@univ.trieste.it
Tel. +39-040.558.3319
UNIVERSITY OF TRIESTE - Network
On 03/05/11 21:41, Alexander Clouter wrote:
> Daniele Albrizio wrote:
>>
>> I suspect the "cacertfile" attribute is not correctly re-instantiated
>> and only the value of the first request is used to check against when
>> instantiating a new ldaps connection.
10 matches
Mail list logo