On 04/07/2011 10:06 PM, joezamosc wrote:
2.1.10
Here's a snippet of freeradius -X...
+- entering group post-auth {...}
[ldap] Entering ldap_groupcmp()
[files] expand: ou=Departments,dc=corp,dc=development,dc=com ->
ou=Departments,dc=corp,dc=development,dc=com
[files] expand: (&(sAMAccountName=%{mschap:User-Name})) ->
(&(sAMAccountName=RobertTest1))
[ldap] ldap_get_conn: Checking Id: 0
[ldap] ldap_get_conn: Got Id: 0
[ldap] performing search in ou=Departments,dc=corp,dc=development,dc=com,
with filter (&(sAMAccountName=RobertTest1))
[ldap] ldap_release_conn: Release Id: 0
[files] expand:
(|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{control:Ldap-UserDn})))
->
You are using Active Directory, and this LDAP filter is invalid.
You want:
(&(objectClass=group)(member=%{control:Ldap-UserDn}))
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
