Phil Mayers wrote:
> On 17/01/12 14:04, Alan DeKok wrote:
> IIRC that's a special value that OpenLDAP uses; "{SASL}username" tells
> OpenLDAP to use the SASL library, with the username after the } and the
> password given in the bind request.Sure. But then LDAP should go do that lookup! > So, he's using LDAP as an oracle to talk to an oracle. Maybe there's > another oracle in there somewhere... Probably. As he said, it's FreeRADIUS -> LDAP -> SASL But... the debug log shows FreeRADIUS -> LDAP. So the LDAP-SASL link is broken. Is that a RADIUS problem? Nope. > I guess he needs to set "Auth-Type"... I don't know why people construct > these Heath Robinson systems that make their lives difficult! Because they believe complicated systems are better. Because they can't follow instructions. Because they think they know better than people who've been doing it for 10+ years. Maybe all/some of the above. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
