Bug #13404
closedLDAP authentication does not working
0%
Description
Hi all,
has anyone encountered this particular issue with Freeradius3 0.15.7_33 with LDAP when a user tries to authenticate using username/password?
(0) Login incorrect (Failed retrieving values required to evaluate condition): [ettore] (from client localhost port 0)
Since I have a standalone instance of freeradius that works well I modified manually the file /usr/local/etc/raddb/sites-enabled/default and, using the same configuration I have on the standalone instance, everything works fine.
Attached you can find the original virtual-server-default.conf and the patched one and you can easily find the diffs.
In the mods-available/ldap file there is a comment with the instructions to use in order to configure the ldap authentication/authorization: these instructions are not present in the original virtual-server-default.conf in the authorize section.
# Note: set_auth_type was removed in v3.x.x # # Equivalent functionality can be achieved by adding the # following "if" statement to the authorize {} section of # the virtual server, after the "ldap" module. For example: # # ... # ldap # if ((ok || updated) && User-Password && !control:Auth-Type) { # update { # control:Auth-Type := ldap # } # } # ... #
In the patched virtual-server-default.conf I added these lines and I needed to comment some other instructions.
Of course I can propose a PR in order to build a valid virtual-server-default file for ldap authentication but I cannot figure out the impact on the other authentication mechanisms.
Files