Re: Configuring LDAP for query ONLY...

Fri, 07 Dec 2007 06:47:43 -0800 

Eric Martell wrote:

Hi Phil,
   I need some help again. Is there a way in the ldap
module we can specify to return only ONE result for
search filter. In my ldap tree when search with a
filter (&(uid=test1)(phone=1231313128)) I get multiple
results.

And in the log I get message as search failed. I just
want to return whatever the first result. 
rlm_ldap: performing search in dc=eng,dc=com, with
filter (&(uid=test1)(phone=1231313128))
rlm_ldap: object not found or got ambiguous search
result
rlm_ldap: search failed

Please help.
I don't think you can. You'll need to use a different (more specific?) search filter that gives unique results (and anyway, matching a random choice of N returned is not sensible - how do you know the one that matches even has a password attribute or is even a valid user object?) 



Thanks and Regards,
Eric.


--- Eric Martell <[EMAIL PROTECTED]> wrote:


Thanks so much Phil. I am using freeradius-1.0.4

I am going to install the latest version and will
try
your suggestion.

Thanks and Regards.
Eric.


--- Phil Mayers <[EMAIL PROTECTED]> wrote:


Eric Martell wrote:

Hi,
  Is it possible to altogether avoid

authenticate

section  and just do ldap lookups in the

authorize

section?

authorize {
   ldap {
     notfound = reject
   }
}

The problem is in the authenticate section,

radius

gets the userDN from the authorize and tries to

"bind"

ldap with password which we don't have.

I also tried in users file
Ldap-UserDN :=
`cn=Manager,dc=eng,dc=com/answer2` 
Assuming you are using a recent version of
FreeRadius, you can do one of the following: 

modules {
   ldap {
     ...
     set_auth_type = no
   }
}

authorize {
   preprocess
   ldap
   pap
}

authenticate {
   Auth-Type PAP {
     pap
   }
}







____________________________________________________________________________________
Be a better pen pal. Text or chat with friends inside Yahoo! Mail. See 
how.  http://overview.mail.yahoo.com/





      
____________________________________________________________________________________
Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping 

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to