Cris Boisvert wrote:
> I'm setting up freeradius to talk to a Ipswitch Imail server for
> authetication.
>
> Just needs to do the basic User Pass... Ok.
>
>
[..]
> A snippet of the config.
> -----------------------------------------------
> ldap {
> server = "192.168.77.6"
> #identity = "cn=root,o=My Org,c=UA"
> #password = test1234
> basedn = "o=My Org,c=UA"
> #filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
> # base_filter = "(objectclass=radiusprofile)"
>
> # set this to 'yes' to use TLS encrypted connections
> ______________----------------------------------------------
>
[..]
> Below is a Cut form radiusd -X debug..
>
> Anyone have any reccomendations>?
>
>
>
> modcall: group authorize returns ok for request 0
> rad_check_password: Found Auth-Type LDAP
> auth: type "LDAP"
> Processing the authenticate section of radiusd.conf
> modcall: entering group Auth-Type for request 0
> rlm_ldap: - authenticate
> rlm_ldap: login attempt by "[EMAIL PROTECTED]" with password "test"
> radius_xlat: '([EMAIL PROTECTED])'
> radius_xlat: 'o=My Org,c=UA'
Do you really have an object with attribute iud="[EMAIL PROTECTED]"?
I think you should split the username with delimiter '@', so you search
for uid=test,dc=pork,dc=com (or similiar).
But if you have such objects, try ldap_debug=0xffff between ldap { } in
your radiusd.conf.
Linus van Geuns.
signature.asc
Description: OpenPGP digital signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
