Tim Gustafson <[email protected]> wrote:
>
> I'm using FreeRADIUS with LDAP for authentication and mySQL for
> logging. The LDAP queries seem to be stripping the realm name
> properly, whereas the mySQL queries are not. I'm running FreeRADIUS
> 2.1.6 on FreeBSD:
>
> FreeRADIUS Version 2.1.6, for host i386-portbld-freebsd7.2, built on
> Nov 10 2009 at 08:34:04
>
> Here's what I've got in my modules/ldap:
>
> ----- modules/ldap -----
> ldap {
> server = "foo"
> basedn = "dc=foo"
> identity = "uid=foo"
> password = "foo"
> filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
> [snipped]
> groupmembership_filter = "(memberUid=%{Stripped-User-Name:-%{User-Name}})"
>
...erm, '%{%{Stripped-User-Name}:-%{User-Name}}', I think what you have
there is some really old depreated or bad syntax'ed version. Same in
your SQL queries too strangely. You will want to make sure you use
'SQL-User-Name' instead too, and not directly 'User-Name' (think SQL
injection).
Cheers
--
Alexander Clouter
.sigmonster says: The fact that it works is immaterial.
-- L. Ogborn
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
