Re: Active directory groups

2011-05-20 Thread Doty, Seth
I must be doing something wrong in my filtering because it keeps dumping me into unclassified instead of passing the group I assigned. I have set up a security group specifically for this test and I am indeed in the group. I set it up like this in sites-enabled/inner-tunnel because it seemed this

Re: Active directory groups

2011-05-20 Thread Phil Mayers
On 20/05/11 15:14, Doty, Seth wrote: I must be doing something wrong in my filtering because it keeps dumping me into unclassified instead of passing the group I assigned. I have set up a security group specifically for this test and I am indeed in the group. I set it up like this in

Re: Active directory groups

2011-05-20 Thread Doty, Seth
I changed my baseDN to: basedn = ou=test,dc=AD,dc=ne,dc=gov and this results in the same failure in the group section. rlm_ldap: object not found rlm_ldap::ldap_groupcmp: search failed I can't remove the ou=test portion or authentication fails completely and I get a reject: [ldap] performing

Re: Active directory groups

2011-05-20 Thread Phil Mayers
On 20/05/11 16:27, Doty, Seth wrote: I changed my baseDN to: basedn = ou=test,dc=AD,dc=ne,dc=gov and this results in the same failure in the group section. rlm_ldap: object not found rlm_ldap::ldap_groupcmp: search failed I can't remove the ou=test portion or authentication fails completely and

Re: Active directory groups

2011-05-20 Thread Doty, Seth
That is the fun I am having. The baseDN of dc=AD,dc=ne,dc=gov DOES work from ldapsearch and these are actually the credentials I have received from our LDAP admins. One of the more specific options I received must be wrong. That all being said, though, you are responding with an answer that at

Active directory groups

2011-05-18 Thread Doty, Seth
I have looked on the list for this a few times but there doesn't appear to be a how-to, just an "it might work". We are wanting to use freeradius with our wireless controller for .1x termination. It will need to authenticate to AD and based on the returned group hand back different attributes to

Re: Active directory groups

2011-05-18 Thread Marc Phillips
So far I have the ldap component querying AD correctly and I have the ntlm_auth component doing the same and each individually passing from a radtest. My question now revolves around passing the groups in our setup and if this is even possible using the protocols listed above. Unfortunately,

Re: Active directory groups

2011-05-18 Thread Phil Mayers
On 18/05/11 16:21, Doty, Seth wrote: So far I have the ldap component querying AD correctly and I have the ntlm_auth component doing the same and each individually passing from a radtest. My question now revolves around passing the groups in our setup and if this is even possible using the

RE: Active directory groups

2011-05-18 Thread Gary Gatten
=waddell@lists.freeradius.org [mailto:freeradius-users-bounces+ggatten=waddell@lists.freeradius.org] On Behalf Of Phil Mayers Sent: Wednesday, May 18, 2011 10:58 AM To: freeradius-users@lists.freeradius.org Subject: Re: Active directory groups On 18/05/11 16:21, Doty, Seth wrote: So far I

Re: Active directory groups

2011-05-18 Thread Phil Mayers
On 18/05/11 17:22, Gary Gatten wrote: If one has (just for example) 1000 groups, this is a lot of overhead Sure (I did see your query the other day - I just haven't had a chance to write up a reply, but see below) - checking every group. Also, what if they belong to several groups?