(RADIATOR) LDAP2 and ServerChecksPassword

Jeremy Hinton jgh at visi.net
Fri Jul 13 10:01:53 CDT 2001 

Greetings all,

	After using radiator for some time with AuthBy SQL, i'm looking at
tying it into our new directory via LDAP. However, i'm having some
difficulty with AuthBy LADP2, specifically the ServerChecksPassword
parameter. As i understand it, This should cause the LDAP module to
attempt to bind with the directory using the username and password logged
in with, as opposed to specifying one with AuthDN and AuthPassword. From
what i can tell though, this is not happening on my server. Instead,
unless i hard specify the AuthDN and AuthPassword, it binds without
authentication. I'm running Radiator-2.18.2-3 installed via RPM. Some
snippets below: 

#### Start config file excerpt:

<Realm DEFAULT>
        <AuthBy LDAP2>
                ServerChecksPassword
                Host            10.1.1.1
                BaseDN          cn=visi.net
                PasswordAttr    userPassword
                UsernameAttr    uid
                Debug           255
        </AuthBy>

#### End config file excerpt

#### Start log file excerpt

Fri Jul 13 15:02:34 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jul 13 15:02:34 2001: DEBUG:  Deleting session for jgh, 203.63.154.1,
1234
Fri Jul 13 15:02:34 2001: DEBUG: Handling with Radius::AuthLDAP2
Fri Jul 13 15:02:34 2001: DEBUG: Connecting to 206.246.194.60, port 389
Fri Jul 13 15:02:34 2001: DEBUG: Attempting to bind with , 
Net::LDAP=HASH(0x87077c8) sending:

30 0C 02 01 01 60 07 02 01 02 04 00 80 00 __ __ 0....`........

0000 30   12: SEQUENCE {
0002 02    1:   INTEGER = 1
0005 60    7:   [APPLICATION 0] {
0007 02    1:     INTEGER = 2
000A 04    0:     STRING = ''
000C 80    0:     [CONTEXT 0]
000E        :   }
000E        : }
Net::LDAP=HASH(0x87077c8) received:

30 0C 02 01 01 61 07 0A 01 00 04 00 04 00 __ __ 0....a........

0000 30   12: SEQUENCE {
0002 02    1:   INTEGER = 1
0005 61    7:   [APPLICATION 1] {
0007 0A    1:     ENUM = 0
000A 04    0:     STRING = ''
000C 04    0:     STRING = ''
000E        :   }
000E        : }



// Jeremy Hinton                                            VisiNet
// jgh at visi.net                                         NOC Manager
// I've wrestled with reality for 35 years, doctor, 
// and I'm happy to state I finally won out over it. -Elwood P Dowd


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list