(RADIATOR) AuthBy ADSI configuration

DUFOUR Geoffrey Geoffrey.DUFOUR at staff.win.be
Fri Aug 29 03:11:53 CDT 2003 

Hello Hugh, Christian, Ingvar,

It seems to work when I set the AuthFlags parameter to 1.

Configuration :

SearchAttribute SAMAccountName
BindString LDAP://myserver/DC=staff,DC=mycompany,DC=com
AuthUser %0
AuthFlags 1

Now it should be easy to implement it with VPDN.

However, I'm still getting the following error in the logfile :

OLE exception from "ADODB.Command":
Object or provider is not capable of performing requested operation.
Win32::OLE(0.1601) error 0x800a0cb3

Can I ignore it ?

Thanks for your help.

Regards.

Geoffrey

-----Message d'origine-----
De : Hugh Irvine [mailto:hugh at open.com.au] 
Envoyé : jeudi 28 août 2003 5:26
À : DUFOUR Geoffrey
Cc : radiator at open.com.au
Objet : Re: (RADIATOR) AuthBy ADSI configuration


Hello Geoffrey -

To do what you describe you should change "CN=%0" to  
"samaccountname=%0".

I am not quite sure what your requirements are for VPDN users - can you  
clarify?

For a detailed description of the AuthBy ADSI clause please see section  
6.40 in the Radiator 3.6 reference manual ("doc/ref.html").

regards

Hugh


On Wednesday, Aug 27, 2003, at 23:44 Australia/Melbourne, DUFOUR  
Geoffrey wrote:

> Hello,
>
> I would like to authenticate users using <AuthBy  ADSI>. It works fine
> with the following configuration :
>
> BindString
> LDAP://myserver/ 
> CN=%0,OU=Marketing,OU=Employee,DC=staff,DC=mycompany,DC=
> com
> AuthUser %0
> AuthFlags 0
>
> This configuration sample shows that the username is bound to the CN
> (common name). I need the username to be bound to the attribute
> samaccountname.
>
> In fact I need to allow VPDN users to use the same parameters (username
> and password) both to log on the domain and for VPDN access.
>
> How can I handle this ?
>
> I am quite new to AD, could you please clarify the difference between
> BindString parameter and AuthUser parameter.
>
> Regards.
>
> Geoffrey
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list