Re: LDAP (continued...)
Hello,

On Thursday 09 September 2004 19:06, Hugo Sousa wrote:

> My Windows 2000 domain is office.netsystems.pt.
> The user I'm using is administrator.
> Is this wrong?
>
> ldap {
>     server = 192.168.2.1
>     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
>     password = password
>     basedn = dc=office,dc=netsystems,dc=PT
>     filter = (uid=%{Stripped-User-Name:-%{User-Name}})
>     # base_filter = (objectclass=radiusprofile)
>     ()
> }

Try cn=administrator,cn=users,dc=office,dc=netsystems,dc=pt as the administrator DN (identity).

--
Hugo Chasqueira
Public Key: http://search.keyserver.net:11371/pks/lookup?op=getsearch=0x8BD14B82
RE: LDAP (continued...)
Install Windows 2000 support tools, if you don't have them installed already. You'll have to check your server CDs or Microsoft's website to find them.

Once you have Windows 2000 Support Tools installed, log in to the AD machine as the administrator. Then go to Control Panel, Administrative Tools, Windows 2000 Support Tools, Tools, and finally ADSI Edit.

That will give you a view into the LDAP tree of your server. As suggested in a previous post, it looks like the users are stored in cn=users as default, so if you didn't change anything when you set it up, you may want to just give that a shot.

Hope that is helpful.

Dusty Doris

On Fri, 10 Sep 2004, sousa.hugo wrote:

> I don't have an LDAP browser. It's a simple Windows 2000 Server with AD installed.
> How can I install the LDAP browser so that my FR works?
> Please give me an idea :-)
>
> -----Original Message-----
> From: [EMAIL PROTECTED] on behalf of Dustin Doris
> Sent: Fri 9/10/2004 1:27 AM
> To: [EMAIL PROTECTED]
> Cc:
> Subject: RE: LDAP (continued...)
>
> On Thu, 9 Sep 2004, sousa.hugo wrote:
>
> > I'm using the Domain ADMINISTRATOR account, so it should have access to everything.
> > I think the problem is in one of these lines:
> >
> >     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
> >     password = password
> >     basedn = dc=office,dc=netsystems,dc=PT
>
> Yes, that is where the problem is.
>
> > Is the syntax incorrect? My domain is called office.netsystems.pt.
>
> The syntax is correct. However, are you sure that is the correct info for that user? Do you have access to an ldap browser on that machine that will show the tree for you?
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] on behalf of Dustin Doris
> > Sent: Thu 9/9/2004 7:40 PM
> > To: [EMAIL PROTECTED]
> > Cc:
> > Subject: Re: LDAP (continued...)
> >
> > > My Windows 2000 domain is office.netsystems.pt.
> > > The user I'm using is administrator.
> >
> > Does this user actually exist in your ldap directory with that password? You will need to find a user that exists in your AD that has read access to the part of the tree your users are in.
> >
> > > Is this wrong?
> > >
> > > ldap {
> > >     server = 192.168.2.1
> > >     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
> > >     password = password
> > >     basedn = dc=office,dc=netsystems,dc=PT
> > >     filter = (uid=%{Stripped-User-Name:-%{User-Name}})
> > >     # base_filter = (objectclass=radiusprofile)
> > >     (.)
> > > }
> > >
> > > Something is wrong because I'm getting:
> > >
> > > rlm_ldap: LDAP login failed: check identity, password settings in ldap section of radiusd.conf
> > > rlm_ldap: (re)connection attempt failed
> > > rlm_ldap: search failed
> > > rlm_ldap: ldap_release_conn: Release Id: 0
> > > modcall[authorize]: module ldap returns fail for request 0
> > >
> > > What should I change to correct this problem?
> > >
> > > Thanks.
> > >
> > > Regards,
> > > Hugo Sousa

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: LDAP (continued...)
Problem solved.

I downloaded LDAP browser from SOFTerra and saw all the info that I need.

The correct one is: CN=Administrator,CN=Users,DC=office,DC=netsystems,DC=pt

Regards,
Hugo Sousa
SysAdmin / NetworkAdmin
http://www.netsystems.pt
Portugal

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dustin Doris
Sent: Friday, 10 September 2004 15:59
To: [EMAIL PROTECTED]
Subject: RE: LDAP (continued...)

Install Windows 2000 support tools, if you don't have them installed already. You'll have to check your server CDs or Microsoft's website to find them.

Once you have Windows 2000 Support Tools installed, log in to the AD machine as the administrator. Then go to Control Panel, Administrative Tools, Windows 2000 Support Tools, Tools, and finally ADSI Edit.

That will give you a view into the LDAP tree of your server. As suggested in a previous post, it looks like the users are stored in cn=users as default, so if you didn't change anything when you set it up, you may want to just give that a shot.

Hope that is helpful.

Dusty Doris

On Fri, 10 Sep 2004, sousa.hugo wrote:

> I don't have an LDAP browser. It's a simple Windows 2000 Server with AD installed.
> How can I install the LDAP browser so that my FR works?
> Please give me an idea :-)
>
> -----Original Message-----
> From: [EMAIL PROTECTED] on behalf of Dustin Doris
> Sent: Fri 9/10/2004 1:27 AM
> To: [EMAIL PROTECTED]
> Cc:
> Subject: RE: LDAP (continued...)
>
> On Thu, 9 Sep 2004, sousa.hugo wrote:
>
> > I'm using the Domain ADMINISTRATOR account, so it should have access to everything.
> > I think the problem is in one of these lines:
> >
> >     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
> >     password = password
> >     basedn = dc=office,dc=netsystems,dc=PT
>
> Yes, that is where the problem is.
>
> > Is the syntax incorrect? My domain is called office.netsystems.pt.
>
> The syntax is correct. However, are you sure that is the correct info for that user? Do you have access to an ldap browser on that machine that will show the tree for you?
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] on behalf of Dustin Doris
> > Sent: Thu 9/9/2004 7:40 PM
> > To: [EMAIL PROTECTED]
> > Cc:
> > Subject: Re: LDAP (continued...)
> >
> > > My Windows 2000 domain is office.netsystems.pt.
> > > The user I'm using is administrator.
> >
> > Does this user actually exist in your ldap directory with that password? You will need to find a user that exists in your AD that has read access to the part of the tree your users are in.
> >
> > > Is this wrong?
> > >
> > > ldap {
> > >     server = 192.168.2.1
> > >     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
> > >     password = password
> > >     basedn = dc=office,dc=netsystems,dc=PT
> > >     filter = (uid=%{Stripped-User-Name:-%{User-Name}})
> > >     # base_filter = (objectclass=radiusprofile)
> > >     (.)
> > > }
> > >
> > > Something is wrong because I'm getting:
> > >
> > > rlm_ldap: LDAP login failed: check identity, password settings in ldap section of radiusd.conf
> > > rlm_ldap: (re)connection attempt failed
> > > rlm_ldap: search failed
> > > rlm_ldap: ldap_release_conn: Release Id: 0
> > > modcall[authorize]: module ldap returns fail for request 0
> > >
> > > What should I change to correct this problem?
> > >
> > > Thanks.
> > >
> > > Regards,
> > > Hugo Sousa
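An offline sanity check for the bind settings discussed in this thread, added here as an example (it is not code from the posters or from FreeRADIUS): it parses an `ldap { }` block, compares `identity` and `basedn` with the DNS domain name, and flags a bind DN placed directly under the domain root, where a default AD keeps user objects in CN=Users. The function names and the sample block are constructed for illustration, and the real DN still has to be confirmed in a directory browser such as ADSI Edit.

```python
import re

# Constructed sample: the ldap { } block as first posted in the thread.
SAMPLE = """
ldap {
    server = 192.168.2.1
    identity = cn=administrator,dc=office,dc=netsystems,dc=pt
    password = password
    basedn = dc=office,dc=netsystems,dc=PT
    filter = (uid=%{Stripped-User-Name:-%{User-Name}})
    # base_filter = (objectclass=radiusprofile)
}
"""

def parse_block(text):
    """Collect 'key = value' lines; comment lines and braces never match."""
    pairs = re.findall(r"^[ \t]*(\w+)[ \t]*=[ \t]*(.+?)[ \t]*$", text, re.M)
    return {key.lower(): value for key, value in pairs}

def rdns(dn):
    """Split a DN on unescaped commas; DNs compare case-insensitively."""
    return [part.strip().lower() for part in re.split(r"(?<!\\),", dn)]

def domain_to_rdns(domain):
    """office.netsystems.pt -> ['dc=office', 'dc=netsystems', 'dc=pt']"""
    return ["dc=" + label for label in domain.lower().split(".")]

def check(cfg, domain):
    """Return a list of findings for the bind settings (hypothetical helper)."""
    root = domain_to_rdns(domain)
    ident, base = rdns(cfg["identity"]), rdns(cfg["basedn"])
    findings = []
    if base[-len(root):] != root:
        findings.append("basedn is outside " + ",".join(root))
    if ident[-len(root):] != root:
        findings.append("identity is outside " + ",".join(root))
    elif ident[1:] == root:
        # Default AD keeps user objects in the CN=Users container, not
        # directly under the domain root, so this DN probably does not exist.
        candidate = ",".join([ident[0], "cn=users"] + root)
        findings.append("identity has no container; check " + candidate)
    if ident[0] == "cn=administrator":
        findings.append("binding as Administrator; a read-only account suffices")
    return findings

if __name__ == "__main__":
    for finding in check(parse_block(SAMPLE), "office.netsystems.pt"):
        print("WARN:", finding)
```

The mixed-case `dc=PT` in `basedn` produces no finding, which matches the reply in the thread that the syntax itself was correct.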
Re: LDAP (continued...)
Hi,

On Thu, 9 Sep 2004 19:06:22 +0100 Hugo Sousa [EMAIL PROTECTED] wrote:

> My Windows 2000 domain is office.netsystems.pt.
> The user I'm using is administrator.
> Is this wrong?
>
> ldap {
>     server = 192.168.2.1
>     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
>     password = password

if you are using password, try to use just password without

>     basedn = dc=office,dc=netsystems,dc=PT
>     filter = (uid=%{Stripped-User-Name:-%{User-Name}})
>     # base_filter = (objectclass=radiusprofile)
>     ( )
> }
>
> Something is wrong because I'm getting:
>
> rlm_ldap: LDAP login failed: check identity, password settings in ldap section of radiusd.conf
> rlm_ldap: (re)connection attempt failed
> rlm_ldap: search failed
> rlm_ldap: ldap_release_conn: Release Id: 0
> modcall[authorize]: module ldap returns fail for request 0
>
> What should I change to correct this problem?
>
> Thanks.
>
> Regards,
> Hugo Sousa
RE: LDAP (continued...)
I'm using the Domain ADMINISTRATOR account, so it should have access to everything.

I think the problem is in one of these lines:

    identity = cn=administrator,dc=office,dc=netsystems,dc=pt
    password = password
    basedn = dc=office,dc=netsystems,dc=PT

Is the syntax incorrect? My domain is called office.netsystems.pt.

-----Original Message-----
From: [EMAIL PROTECTED] on behalf of Dustin Doris
Sent: Thu 9/9/2004 7:40 PM
To: [EMAIL PROTECTED]
Cc:
Subject: Re: LDAP (continued...)

> My Windows 2000 domain is office.netsystems.pt.
> The user I'm using is administrator.

Does this user actually exist in your ldap directory with that password? You will need to find a user that exists in your AD that has read access to the part of the tree your users are in.

> Is this wrong?
>
> ldap {
>     server = 192.168.2.1
>     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
>     password = password
>     basedn = dc=office,dc=netsystems,dc=PT
>     filter = (uid=%{Stripped-User-Name:-%{User-Name}})
>     # base_filter = (objectclass=radiusprofile)
>     (.)
> }
>
> Something is wrong because I'm getting:
>
> rlm_ldap: LDAP login failed: check identity, password settings in ldap section of radiusd.conf
> rlm_ldap: (re)connection attempt failed
> rlm_ldap: search failed
> rlm_ldap: ldap_release_conn: Release Id: 0
> modcall[authorize]: module ldap returns fail for request 0
>
> What should I change to correct this problem?
>
> Thanks.
>
> Regards,
> Hugo Sousa
RE: LDAP (continued...)
On Thu, 9 Sep 2004, sousa.hugo wrote:

> I'm using the Domain ADMINISTRATOR account, so it should have access to everything.
> I think the problem is in one of these lines:
>
>     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
>     password = password
>     basedn = dc=office,dc=netsystems,dc=PT

Yes, that is where the problem is.

> Is the syntax incorrect? My domain is called office.netsystems.pt.

The syntax is correct. However, are you sure that is the correct info for that user? Do you have access to an ldap browser on that machine that will show the tree for you?

> -----Original Message-----
> From: [EMAIL PROTECTED] on behalf of Dustin Doris
> Sent: Thu 9/9/2004 7:40 PM
> To: [EMAIL PROTECTED]
> Cc:
> Subject: Re: LDAP (continued...)
>
> > My Windows 2000 domain is office.netsystems.pt.
> > The user I'm using is administrator.
>
> Does this user actually exist in your ldap directory with that password? You will need to find a user that exists in your AD that has read access to the part of the tree your users are in.
>
> > Is this wrong?
> >
> > ldap {
> >     server = 192.168.2.1
> >     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
> >     password = password
> >     basedn = dc=office,dc=netsystems,dc=PT
> >     filter = (uid=%{Stripped-User-Name:-%{User-Name}})
> >     # base_filter = (objectclass=radiusprofile)
> >     (.)
> > }
> >
> > Something is wrong because I'm getting:
> >
> > rlm_ldap: LDAP login failed: check identity, password settings in ldap section of radiusd.conf
> > rlm_ldap: (re)connection attempt failed
> > rlm_ldap: search failed
> > rlm_ldap: ldap_release_conn: Release Id: 0
> > modcall[authorize]: module ldap returns fail for request 0
> >
> > What should I change to correct this problem?
> >
> > Thanks.
> >
> > Regards,
> > Hugo Sousa
RE: LDAP (continued...)
I don't have an LDAP browser. It's a simple Windows 2000 Server with AD installed.

How can I install the LDAP browser so that my FR works?

Please give me an idea :-)

-----Original Message-----
From: [EMAIL PROTECTED] on behalf of Dustin Doris
Sent: Fri 9/10/2004 1:27 AM
To: [EMAIL PROTECTED]
Cc:
Subject: RE: LDAP (continued...)

On Thu, 9 Sep 2004, sousa.hugo wrote:

> I'm using the Domain ADMINISTRATOR account, so it should have access to everything.
> I think the problem is in one of these lines:
>
>     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
>     password = password
>     basedn = dc=office,dc=netsystems,dc=PT

Yes, that is where the problem is.

> Is the syntax incorrect? My domain is called office.netsystems.pt.

The syntax is correct. However, are you sure that is the correct info for that user? Do you have access to an ldap browser on that machine that will show the tree for you?

> -----Original Message-----
> From: [EMAIL PROTECTED] on behalf of Dustin Doris
> Sent: Thu 9/9/2004 7:40 PM
> To: [EMAIL PROTECTED]
> Cc:
> Subject: Re: LDAP (continued...)
>
> > My Windows 2000 domain is office.netsystems.pt.
> > The user I'm using is administrator.
>
> Does this user actually exist in your ldap directory with that password? You will need to find a user that exists in your AD that has read access to the part of the tree your users are in.
>
> > Is this wrong?
> >
> > ldap {
> >     server = 192.168.2.1
> >     identity = cn=administrator,dc=office,dc=netsystems,dc=pt
> >     password = password
> >     basedn = dc=office,dc=netsystems,dc=PT
> >     filter = (uid=%{Stripped-User-Name:-%{User-Name}})
> >     # base_filter = (objectclass=radiusprofile)
> >     (.)
> > }
> >
> > Something is wrong because I'm getting:
> >
> > rlm_ldap: LDAP login failed: check identity, password settings in ldap section of radiusd.conf
> > rlm_ldap: (re)connection attempt failed
> > rlm_ldap: search failed
> > rlm_ldap: ldap_release_conn: Release Id: 0
> > modcall[authorize]: module ldap returns fail for request 0
> >
> > What should I change to correct this problem?
> >
> > Thanks.
> >
> > Regards,
> > Hugo Sousa