PROTECTED] On Behalf Of Kris
Benson
Sent: Wednesday, August 10, 2005 2:20 PM
To: FreeRadius users mailing list
Cc: 'FreeRadius users mailing list'
Subject: Re: Freeradius - LDAP Authenication
FreeRadius users mailing list freeradius-users@lists.freeradius.org on
August 10, 2005 at 11:17 -0800 wrote
Kris,
Thanks for the configs, however I still cannot get this to work, I'm still
seeing:-
Aug 10 07:06:21 2005 : Debug: rlm_ldap: bind as
uid=sbarnes,ou=people,o=marymount.edu.o=marymount.edu/cortina to
info.marymount.edu:389
Wed Aug 10 07:06:21 2005 : Error: rlm_ldap:
FreeRadius users mailing list freeradius-users@lists.freeradius.org on
August 10, 2005 at 05:34 -0800 wrote:
Kris,
Aug 10 07:06:21 2005 : Debug: rlm_ldap: bind as
uid=sbarnes,ou=people,o=marymount.edu.o=marymount.edu/cortina to
info.marymount.edu:389
Wed Aug 10 07:06:21 2005 : Error: rlm_ldap:
Hi Kris,
Thanks for your input.
I think I'm at the end of my abilities here, but will make a couple more
comments.
First off, I'm nowhere near being an LDAP pro, but what's up with the
o=mayrmount.edu.o=marymount.edu ? There are two things that stick out
to me here -- first off, the '.'
FreeRadius users mailing list freeradius-users@lists.freeradius.org on
August 10, 2005 at 11:17 -0800 wrote:
I think I'm at the end of my abilities here, but will make a couple more
comments.
First off, I'm nowhere near being an LDAP pro, but what's up with the
o=mayrmount.edu.o=marymount.edu ?
Well, having just looked at your config again, I'm wondering if it isn't
this filter:
ldap: filter = ((objectClass=aRadiusAccount)(uid=%u))
is that 'a' supposed to be there?
Also, have you custom defined the LDAP schmea for this objectclass? If
not, I don't believe the 'aRadiusAccount' is
FreeRadius users mailing list freeradius-users@lists.freeradius.org on
August 8, 2005 at 07:32 -0800 wrote:
I am now at a loss, if anyone has a working config that they wouldn't mind
sharing that would be much appreciated.
Here's mine:
radiusd.conf section
ldap {
FreeRadius users mailing list freeradius-users@lists.freeradius.org on
August 5, 2005 at 08:12 -0800 wrote:
rlm_ldap: - authorize
rlm_ldap: performing user authorization for testuser
radius_xlat: '((objectClass=aRadiusAccount)(uid=testuser))'
radius_xlat: 'o=marymount.edu,o=marymount.edu'
server (running on another machine). I have the vpn talking successfully to
freeradius, but I cannot get the onward connection to the LDAP to work. I
have validated that the server running freeradius is able to talk to the
ldap by using ldapsearch.
rlm_ldap: ldap_get_conn: Got Id: 0
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dusty
Doris
Sent: Friday, August 05, 2005 11:57 AM
To: FreeRadius users mailing list
Subject: Re: Freeradius - LDAP Authenication
This is pretty clear that it cannot connect. What does your ldapsearch
FreeRadius users mailing list freeradius-users@lists.freeradius.org on
August 5, 2005 at 09:58 -0800 wrote:
This is pretty clear that it cannot connect. What does your ldapsearch
command look like? Perhaps, you have the wrong port or ip in your
config?
What does telnet 198.100.0.18 389 show
What if you change the identity portion of the radiusd.conf to be the
full DN of the admin user? I have a sneaking suspicion that the can't
connect may also include can't authenticate...
So, assuming that the directory manager user is in the people ou, try
this for the identity:
cn=directory
FreeRadius users mailing list freeradius-users@lists.freeradius.org on
August 5, 2005 at 12:27 -0800 wrote:
I have tried various accounts my own and test accounts along with
variations
of the DN and I get the same errors. I'm at a loss as ldapsearch and
telneting to the port all seem to work.
13 matches
Mail list logo