{"id":463,"date":"2011-04-08T17:13:06","date_gmt":"2011-04-08T09:13:06","guid":{"rendered":"http:\/\/www.alextwl.idv.tw\/memo\/?p=463"},"modified":"2011-04-08T17:53:21","modified_gmt":"2011-04-08T09:53:21","slug":"radius-ldap-mail2k","status":"publish","type":"post","link":"https:\/\/www.alextwl.idv.tw\/memo\/2011\/04\/radius-ldap-mail2k\/","title":{"rendered":"FreeRADIUS + LDAP + Mail2000 \u7684 filter"},"content":{"rendered":"<p>\u6703\u7528 Mail2000 \u7684\u5927\u55ae\u4f4d\u901a\u5e38\u6703\u628a\u5e33\u865f\u505a\u5206\u7d44\uff0c\u5f9e LDAP \u7684\u89d2\u5ea6\u770b\u5c31\u662f\u7528 Organization Unit (ou) \u5206\u985e\u3002\u6709\u4e9b\u4eba\u53ef\u80fd\u8eab\u517c\u6578\u8077\u8981\u89d2\uff0c\u6240\u4ee5\u6709\u4e00\u5806 alias \u7684\u5e33\u865f\uff0c\u5982\u679c RADIUS \u5f9e\u8f03\u4e0a\u5c64\u7684 Base DN \u5f80\u4e0b\u6383\uff0c\u540c\u4e00\u500b uid \u4e5f\u8a31\u6703\u6383\u5230\u5169\u7b46\u4ee5\u4e0a\u7684\u7d50\u679c\uff0c\u5f9e debug mode \u4f86\u770b\u53ef\u80fd\u6709\u4ee5\u4e0b\u8a0a\u606f\uff1a<\/p>\n<blockquote><p><code>rlm_ldap: got ambiguous search result (X results)<br \/>\nLogin incorrect (rlm_ldap: User not found)<\/code><\/p><\/blockquote>\n<p>\u800c\u5f97\u51fa Access-Reject \u7684\u7d50\u679c\u3002<\/p>\n<p>\u56e0\u6b64\uff0c\u70ba\u4e86\u6392\u9664\u5e33\u865f\u7684\u6b67\u7fa9\u554f\u984c\uff0c\u5c0d LDAP \u7684 filter \u9808\u589e\u52a0\u689d\u4ef6\u4f86\u904e\u6ffe\u3002\u76ee\u524d\u770b\u8d77\u4f86\u6392\u9664 alias \u4e4b\u5f8c\u7559\u4e0b\u4f86\u7684\u5e33\u865f\uff0c\u6703\u6709 objMail2000 \u8207 pilotPerson \u5169\u7a2e objectclass\u3002Filter \u7684\u5beb\u6cd5\u5982\u4e0b\uff1a<\/p>\n<p>\/etc\/raddb\/modules\/ldap:<\/p>\n<blockquote><p><code>filter = \"(&(objectclass=objMail2000)(uid=%{%{Stripped-User-Name}:-%{User-Name}}))\"<\/code><\/p><\/blockquote>\n<p>\u7167\u76ee\u524d\u7db2\u969b\u6f2b\u904a\u7684\u6163\u4f8b\uff0c\u5927\u90fd\u7528 E-Mail \u4f4d\u5740\u7576\u4f5c\u5e33\u865f\uff0c\u6240\u4ee5\u53ef\u62ff objectclass=objMail2000 \u7576\u689d\u4ef6\uff0c\u61c9\u8a72\u80fd\u78ba\u4fdd\u627e\u5230\u552f\u4e00\u7684 uid&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6703\u7528 Mail2000 \u7684\u5927\u55ae\u4f4d\u901a\u5e38\u6703\u628a\u5e33\u865f\u505a\u5206\u7d44\uff0c\u5f9e LDAP \u7684\u89d2\u5ea6\u770b\u5c31\u662f\u7528 Organization U [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[],"tags":[],"class_list":["post-463","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/posts\/463","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/comments?post=463"}],"version-history":[{"count":3,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/posts\/463\/revisions"}],"predecessor-version":[{"id":466,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/posts\/463\/revisions\/466"}],"wp:attachment":[{"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/media?parent=463"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/categories?post=463"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.alextwl.idv.tw\/memo\/wp-json\/wp\/v2\/tags?post=463"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}