Wayne Van der Merwe wrote: > I have FreeRADIUS 2.1.1 setup on SUS server 10.1 > > We are wanting to do a LDAP connection to Novell edirectory server for > our users. > > From the debug out put the LDAP session binded corectly > The searched part failed. > > I would like to know did the radius server send out the loging name as > uid=53986067? as indicated below. > rlm_ldap: performing search in > ou=USERS,ou=ELS-FRERE,ou=AMATOLA,ou=HLT,o=EC, with filter (uid=53986067)
Because: 1) the Access-Request contains "53986067" as the User-Name 2) the ldap module is configured to use "uid=%{User-Name}" This is all shown in the debug output. > When i do a ldapsearch -h 10.219.176.30 -b > ou=USERS,ou=ELS-FRERE,ou=AMATOLA,ou=HLT,o=EC -x "uid=53986067" > I get no results. > > If i use -x "cn=53986067" the user is found. So... edit the ldap module configuration to use "cn=%{User-Name}" instead of "uid". There's a reason the configuration files are text: they can be edited. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html