> hi all, > > excuse me for my bad english, I'm italian. > i would to create a structure wich control the user's access on a WLAN > by an auth-ldap. > I have create a ldap directory witch basedn dc=unime,dc=it. > now, like is write on the ldap_tutorial in the doc/ directory, i try to > import this ldif file (modified for my interst). the authentication to > be with the EAP-TLS protocol (it work fine) therefore I've deleted the > sections of the passwords and for authentication. > > dn: dc=unime,dc=it > objectClass: dcObject > objectClass: organizationUnit > ou: Unime.it Radius > dc: unime > > dn: ou=radius,dc=unime,dc=it > objectclass: organizationalunit > ou: radius > > dn: ou=profiles,ou=radius,dc=unime,dc=it > objectclass: organizationalunit > ou: profiles > > dn: ou=users,ou=radius,dc=unime,dc=it > objectclass: organizationalunit > ou: users > > dn: uid=WLAN,ou=profiles,ou=radius,dc=unime,dc=it > objectclass: radiusprofile > uid: WLAN > radiusServiceType: Framed-User > radiusFramedProtocol: PPP > radiusFramedIPNetmask: 255.255.255.0 > radiusFramedRouting: None > > dn: uid=Felice,ou=users,ou=radius,dc=mydomain,dc=com > objectclass: radiusProfile > uid: Felice > radiusGroupName: WLAN > > the entry with uid =WLAN don't work, this is the message returned is > invalid syntax #0 approximately... I don't have my pc here. > > Anyone can help me? >
Check the RADIUS-LDAPv3.schema file that you used. That howto doc was using an old one that used uid, the new one uses cn. Go down to the objectclass of radiusprofile and look what it says in MUST. If it says cn, then you will need to use cn or change that to uid. example: dn: cn=WLAN,ou=profiles,ou=radius,dc=unime,dc=it objectclass: radiusprofile cn: WLAN radiusServiceType: .... OR change that file. objectclass ( 1.3.6.1.4.1.3317.4.3.2.1 NAME 'radiusprofile' SUP top AUXILIARY DESC '' MUST cn to objectclass ( 1.3.6.1.4.1.3317.4.3.2.1 NAME 'radiusprofile' SUP top AUXILIARY DESC '' MUST uid I'd recommend just using cn, so you don't have to remember to modify it everytime you install freeradius on a machine. -Dusty Doris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html