Eric Martell wrote:
Hi Phil,
I need some help again. Is there a way in the ldap
module we can specify to return only ONE result for
search filter. In my ldap tree when search with a
filter (&(uid=test1)(phone=1231313128)) I get multiple
results.
And in the log I get message as search failed. I just
want to return whatever the first result.
rlm_ldap: performing search in dc=eng,dc=com, with
filter (&(uid=test1)(phone=1231313128))
rlm_ldap: object not found or got ambiguous search
result
rlm_ldap: search failed
Please help.
I don't think you can. You'll need to use a different (more specific?)
search filter that gives unique results (and anyway, matching a random
choice of N returned is not sensible - how do you know the one that
matches even has a password attribute or is even a valid user object?)
Thanks and Regards,
Eric.
--- Eric Martell <[EMAIL PROTECTED]> wrote:
Thanks so much Phil. I am using freeradius-1.0.4
I am going to install the latest version and will
try
your suggestion.
Thanks and Regards.
Eric.
--- Phil Mayers <[EMAIL PROTECTED]> wrote:
Eric Martell wrote:
Hi,
Is it possible to altogether avoid
authenticate
section and just do ldap lookups in the
authorize
section?
authorize {
ldap {
notfound = reject
}
}
The problem is in the authenticate section,
radius
gets the userDN from the authorize and tries to
"bind"
ldap with password which we don't have.
I also tried in users file
Ldap-UserDN :=
`cn=Manager,dc=eng,dc=com/answer2`
Assuming you are using a recent version of
FreeRadius, you can do one of
the following:
modules {
ldap {
...
set_auth_type = no
}
}
authorize {
preprocess
ldap
pap
}
authenticate {
Auth-Type PAP {
pap
}
}
____________________________________________________________________________________
Be a better pen pal.
Text or chat with friends inside Yahoo! Mail. See
how. http://overview.mail.yahoo.com/
____________________________________________________________________________________
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html