rlm_ldap: ldap_search() failed: Operations error - advice please

2007-04-19 Thread Jacob Jarick
Freeradius 1.1.3 installed via YUM on Fedora (not suse :P)
radiusd.conf: http://pastebin.ca/447690
radiusd -X -A output: http://pastebin.ca/447693
domain: tfxschool.internal
ADS: tfxschoolfs01.tfxschool.internal

Hi again people,

I have been poring through the O'Reilly LDAP book (quite informative
so far too, btw). I got the example of using freeradius against the
linux passwd file working fine. I tried their Freeradius and OpenLDAP
(now I know ADS isn't OpenLDAP btw) and it fails with the following
message: rlm_ldap: ldap_search() failed: Operations error

O'Reilly's one recommended for OpenLDAP (errors, possibly due to
incorrect syntax?):
filter = ((objectclass=posixAccount)(uid=%{Stripped-User-Name:-%{User-Name}}))

Default filter (Fails with same search error):
filter = (uid=%{Stripped-User-Name:-%{User-Name}})

I'm wondering if it is perhaps my basedn? I'm still getting used to
the idea of them,
the user jacob (me) resides in the ou people FYI.

basedn = ou=people,dc=tfxschool,dc=internal

That's all my info atm, I'm currently compiling a 1.1.6 rpm (after Alan
resolved my silly little mistake) and will test then report back as I
feel it's more likely a config error than a bug :)

If someone else has a working radius setup that auths against AD using
LDAP would they mind sending me the ldap { } section, would be very
handy to compare my config to a working one.

Thanks all, keep up the good work.
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
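
An added example, not part of the original post or of FreeRADIUS: a simplified RFC 4515 syntax check in Python, run on the two filters as they appear in the message above. It checks syntax only (the well-formed default filter still failed the search in the post); the function names are hypothetical, extensible-match items are not handled, and the `&` variant is constructed for comparison.

```python
import re

ITEM = re.compile(r"[A-Za-z][A-Za-z0-9;.-]*[~<>]?=")  # attr then =, ~=, >= or <=

def _skip_xlat(s, i):
    """Skip a FreeRADIUS %{...} expansion (may nest); return the index after it."""
    depth = 0
    while i < len(s):
        if s.startswith("%{", i):
            depth, i = depth + 1, i + 2
        elif s[i] == "}":
            depth, i = depth - 1, i + 1
            if depth == 0:
                return i
        else:
            i += 1
    raise ValueError("unterminated %{...} expansion")

def _parse(s, i):
    """Parse one '(' filtercomp ')' starting at s[i]; return the index after it."""
    if s[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if s[i:i + 1] in ("&", "|"):          # and / or: one or more sub-filters
        i = _parse(s, i + 1)
        while s[i:i + 1] == "(":
            i = _parse(s, i)
    elif s[i:i + 1] == "!":               # not: exactly one sub-filter
        i = _parse(s, i + 1)
    else:                                 # simple item: attr op value
        m = ITEM.match(s, i)
        if not m:
            raise ValueError(f"expected &, |, ! or attribute at offset {i}")
        i = m.end()
        while i < len(s) and s[i] not in "()":
            i = _skip_xlat(s, i) if s.startswith("%{", i) else i + 1
    if s[i:i + 1] != ")":
        raise ValueError(f"expected ')' at offset {i}")
    return i + 1

def check_filter(text):  # None when text is one well-formed filter, else the error
    try:
        end = _parse(text, 0)
    except ValueError as exc:
        return str(exc)
    return None if end == len(text) else f"trailing data at offset {end}"
# The two filters from the post, plus a constructed '&' variant for comparison
BOOK = "((objectclass=posixAccount)(uid=%{Stripped-User-Name:-%{User-Name}}))"
DEFAULT = "(uid=%{Stripped-User-Name:-%{User-Name}})"
WITH_AND = "(&(objectclass=posixAccount)(uid=%{Stripped-User-Name:-%{User-Name}}))"
```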


Re: rlm_ldap: ldap_search() failed: Operations error - advice please

2007-04-19 Thread Alan DeKok
Jacob Jarick wrote:
 I have been poring through the O'Reilly LDAP book (quite informative
 so far too, btw). I got the example of using freeradius against the
 linux passwd file working fine. I tried their Freeradius and OpenLDAP
 (now I know ADS isn't OpenLDAP btw) and it fails with the following
 message: rlm_ldap: ldap_search() failed: Operations error

  That's an internal LDAP error saying something went wrong, and it
can't be more specific than that.  I'm not sure what to suggest.

 If someone else has a working radius setup that auths against AD using
 LDAP would they mind sending me the ldap { } section, would be very
 handy to compare my config to a working one.

  Google is your friend:  freeradius ldap active directory

http://lists.cistron.nl/pipermail/freeradius-users/2004-August/035046.html

  Alan DeKok.
--
  http://deployingradius.com   - The web site of the book
  http://deployingradius.com/blog/ - The blog


Re: rlm_ldap: ldap_search() failed: Operations error - advice please

2007-04-19 Thread Jacob Jarick
After more research yet again (Google / O'Reilly / FR mailing list
archives) I think it's one of these 2 scenarios.

1 - Anonymous Searches in Active Directory isn't working
2 - When I set:

#   identity = cn=root,o=tfxschool,c=AU
#   password = pass

the password should be encrypted. I have tried slappasswd but to no avail.

O'Reilly showed me the anonymous way (which fails quite possibly due
to win2k3 permissions) and the Gentoo one actually shows you how to enable
Anonymous Searches in Active Directory on windows 2000.

So yes, definitely LDAP atm, not FR.

I will post a separate request asking about FR + win2k3 Allowing
Anonymous Searches in Active Directory.


Gentoo howto: 
http://gentoo-wiki.com/HOWTO_Adding_a_Samba_Server_into_an_existing_AD_Domain

On 4/19/07, Alan DeKok [EMAIL PROTECTED] wrote:
 Jacob Jarick wrote:
  I have been poring through the O'Reilly LDAP book (quite informative
  so far too, btw). I got the example of using freeradius against the
  linux passwd file working fine. I tried their Freeradius and OpenLDAP
  (now I know ADS isn't OpenLDAP btw) and it fails with the following
  message: rlm_ldap: ldap_search() failed: Operations error

   That's an internal LDAP error saying something went wrong, and it
 can't be more specific than that.  I'm not sure what to suggest.

  If someone else has a working radius setup that auths against AD using
  LDAP would they mind sending me the ldap { } section, would be very
  handy to compare my config to a working one.

   Google is your friend:  freeradius ldap active directory

 http://lists.cistron.nl/pipermail/freeradius-users/2004-August/035046.html

   Alan DeKok.
 --
   http://deployingradius.com   - The web site of the book
   http://deployingradius.com/blog/ - The blog