Zentyal 2.3 Radius Configuration uses wrong bind authentication

[airtonix@…]

Now that samba4 is in 2.3, the radius configuration still uses the old (and now invalid) bind authentication details.

it should now be something like :

ldap {
       server = "10.0.0.1"
       identity = "CN=Administrator,CN=Users,DC=zentyal,DC=domain"
       password = Zentyal1234
       basedn = "dc=zentyal,dc=domain"
       filter = "(&(sAMAccountName=%{Stripped-User-Name:-%{User-Name}}))"
       ldap_connections_number = 5
       timeout = 4
       timelimit = 3
       net_timeout = 1
       tls {
               start_tls = no
       }
       access_attr = "msNPAllowDialin"
       dictionary_mapping = ${confdir}/ldap.attrmap
       edir_account_policy_check = no
}just tack on 

identity can also be "administrator@…"

Other problems :

1. Group membership checks... possibly use this filter instead of the above :

filter = "(&(sAMAccountName=%{Stripped-User-Name:-%{User-Name}})(memberOf=%{Radius-Group-DN}))"

2. Passwords are no longer the responsibility of the samba4 ldap database. I suspect they are in kerberos or some other database.

This means I can no longer authenticate zentyal-desktop clients and radius clients until i work this out.

[airtonix@…]

your awesome (insert sarcasm) website software here removed some salient details :

`identity` can also be "administrator[at]zentyal.domain"

[jamor@…]

I think with the last changes en zentyal-user the LDAP binding info is correct (it is get by API calls) so it rest the group/kerberos issues

[jamor@…]

Fixed in [b173f37] , based in the development branch of users modules, the changes will be published in the next release.