> the ldap.attrmap is :
> checkItem $GENERIC$ radiusCheckItem
> replyItem $GENERIC$ radiusReplyItem
>
> checkItem Auth-Type radiusAuthType
> checkItem Simultaneous-Use radiusSimultaneousUse
> checkItem Called-Station-Id radiusCalledStationId
> checkItem Calling-Station-Id radiusCallingStationId
> checkItem LM-Password lmPassword
> checkItem NT-Password ntPassword
> checkItem SMB-Account-CTRL-TEXT acctFlags
> checkItem Expiration radiusExpiration
> checkItem Ldap-Group radiusGroupName
>
That looks right.
> debug:
> rlm_ldap: waiting for bind result ...
> rlm_ldap: performing search in o=test, with filter (uid=brianlk)
> rlm_ldap: Added password {crypt}10Tkdsdfasfsfrwefxe42 in check items
> rlm_ldap: looking for check items in directory...
> rlm_ldap: Adding radiusCalledStationId as Called-Station-Id, value 123456 &
> op=21
> rlm_ldap: looking for reply items in directory...
Can you go up further, when the packet comes in. Such as
rad_recv: Access-Request packet from host 127.0.0.1:3736, id=236,
length=65
User-Name = "test"
User-Password = "test"
Service-Type = Framed-User
NAS-IP-Address = 127.0.0.1
NAS-Port-Type = Async
NAS-Port-Id = "0"
Note that is just an example I through together.
I wanted to see if Called-Station-Id was actually coming in in the
access-request packet.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
