ldapsearch -x -h ldap.domain.com -b ou=ldap,o=domain.com -D uid=XXX,ou=it,o=domain.com -w 'YYY'
Where XXX is a person's username and YYY is their password. That means a person can only query their own information and not anyone elses (unless, of course, they have someone else's username and password).
>From what I can see, it doesn't appear as though the %{User-Name} variable can be used within the "identity" setting in freeRADIUS 1.0.1. If that's correct, does it mean freeRadius won't be able to be used for this particular set up? If I hardcode a test username and password in the configuration as follows:
server = "ldap.domain.com"
identity = "uid=XXX,ou=it,o=domain.com"
password = 'YYY'
basedn = "ou=ldap,o=domain.com"
it binds correctly. However, for our particular setup, both the username and password's used to bind to the server need to be variable at run time.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
