A little modification of that patch seems to be neccessary, as the patch
applies, but compiling fails:
Compiling this patch gives:
rlm_ldap.c: In function `ldap_groupcmp':
rlm_ldap.c:879: warning: initialization discards qualifiers from pointer
target type
rlm_ldap.c:1010: warning: comparison between signed and unsigned
rlm_ldap.c: In function `ldap_xlat':
rlm_ldap.c:1135: warning: comparison between signed and unsigned
rlm_ldap.c: In function `ldap_authenticate':
rlm_ldap.c:1625: warning: initialization discards qualifiers from
pointer target type
rlm_ldap.c: In function `ldap_rebind':
rlm_ldap.c:1924: error: `dn' undeclared (first use in this function)
rlm_ldap.c:1924: error: (Each undeclared identifier is reported only once
rlm_ldap.c:1924: error: for each function it appears in.)
rlm_ldap.c:1924: error: `passwd' undeclared (first use in this function)
rlm_ldap.c: In function `ldap_connect':
rlm_ldap.c:2009: warning: implicit declaration of function
`ldap_int_tls_config'
rlm_ldap.c: In function `ldap_rebind':
rlm_ldap.c:1920: warning: unused parameter `request'
rlm_ldap.c:1920: warning: unused parameter `msgid'
rlm_ldap.c:1920: warning: unused parameter `params'
rlm_ldap.c: In function `ldap_groupcmp':
rlm_ldap.c:870: warning: unused parameter `request'
rlm_ldap.c:871: warning: unused parameter `check_pairs'
rlm_ldap.c:871: warning: unused parameter `reply_pairs'
gmake[6]: *** [rlm_ldap.o] Error 1
gmake[6]: Leaving directory
`/home/radius/freeradius-1.0.5/src/modules/rlm_ldap'
gmake[5]: *** [common] Error 2
gmake[5]: Leaving directory `/home/radius/freeradius-1.0.5/src/modules'
gmake[4]: *** [all] Error 2
gmake[4]: Leaving directory `/home/radius/freeradius-1.0.5/src/modules'
gmake[3]: *** [common] Error 2
gmake[3]: Leaving directory `/home/radius/freeradius-1.0.5/src'
gmake[2]: *** [all] Error 2
gmake[2]: Leaving directory `/home/radius/freeradius-1.0.5/src'
gmake[1]: *** [common] Error 2
gmake[1]: Leaving directory `/home/radius/freeradius-1.0.5'
make: *** [all] Error 2
diff -Nru rlm_ldap.patch.org rlm_ldap.patch
--- rlm_ldap.patch.org 2005-12-19 13:45:03.000000000 +0100
+++ rlm_ldap.patch 2005-12-19 13:18:21.000000000 +0100
@@ -34,7 +34,7 @@
+{
+ if (DN != NULL && PASSWD != NULL){
+ DEBUG("rlm_ldap: rebind to URL: %s",url);
-+ return ldap_bind_s( ld, dn, passwd, LDAP_AUTH_SIMPLE);
++ return ldap_bind_s( ld, DN, PASSWD, LDAP_AUTH_SIMPLE);
+ }
+}
+
With the above changes rlm_ldap.c compiles and runs (at least for me).
Will the patch mentioned at
http://bugs.freeradius.org/show_bug.cgi?id=183 become part of the next
official release?
Norbert Wegener
Alan DeKok wrote:
In addition to Dusty's comments:
Michael Calizo <[EMAIL PROTECTED]> wrote:
rlm_ldap: ldap_search() failed: Operations error
http://bugs.freeradius.org/show_bug.cgi?id=183
You're running into two issues:
- the OpenLDAP client libraries don't use the
authentication credentials they're given when following references.
- Active Directory is following references because your domain
controller has two domains, and the user isn't found in one, so it's
being referred to the other domain.
The patch might help, but your LDAP queries should be made more
specific.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
