CHAP and LDAP

Dmitry Alekhin dalekhin at yandex.ru
Mon Oct 3 00:09:11 CEST 2005 

Hi there,

New questions are ready. :)


I have radiusd.conf
authorize {
        chap
       preprocess
       suffix
      mschap
      ldap
}

...

authenticate {
        Auth-Type PAP {
                pap
        }
        Auth-Type LDAP {
                ldap
        }
        Auth-Type CHAP {
                chap
        }
        Auth-Type MS-CHAP {
                mschap
        }


}
...

I am making VPN server with PPPD with radius module as NAS.

Passwords are stored in LDAP database in clear text format. When i use PAP
in connection setting, it works pretty fine
( connection is established) but with chap:
What does it mean login attempt ?

Mon Oct  3 02:16:05 2005 : Debug: rlm_ldap: checking if remote access for
dmitry is allowed by dialupAccess
Mon Oct  3 02:16:05 2005 : Debug: rlm_ldap: Password header not found in
password qazxsw for user dmitry
Mon Oct  3 02:16:05 2005 : Debug: rlm_ldap: looking for check items in
directory...
Mon Oct  3 02:16:05 2005 : Debug: rlm_ldap: looking for reply items in
directory...
Mon Oct  3 02:16:05 2005 : Debug: rlm_ldap: user dmitry authorized to use
remote access
Mon Oct  3 02:16:05 2005 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0
Mon Oct  3 02:16:05 2005 : Debug:   modsingle[authorize]: returned from ldap
(rlm_ldap) for request 3
Mon Oct  3 02:16:05 2005 : Debug:   modcall[authorize]: module "ldap"
returns ok for request 3
Mon Oct  3 02:16:05 2005 : Debug: modcall: group authorize returns ok for
request 3
Mon Oct  3 02:16:05 2005 : Debug:   rad_check_password:  Found Auth-Type
CHAP
Mon Oct  3 02:16:05 2005 : Debug: auth: type "CHAP"
Mon Oct  3 02:16:05 2005 : Debug:   Processing the authenticate section of
radiusd.conf
Mon Oct  3 02:16:05 2005 : Debug: modcall: entering group Auth-Type for
request 3
Mon Oct  3 02:16:05 2005 : Debug:   modsingle[authenticate]: calling chap
(rlm_chap) for request 3
Mon Oct  3 02:16:05 2005 : Debug:   rlm_chap: login attempt by "dmitry" with
CHAP password
Mon Oct  3 02:16:05 2005 : Debug:   rlm_chap: Could not find clear text
password for user dmitry
Mon Oct  3 02:16:05 2005 : Debug:   modsingle[authenticate]: returned from
chap (rlm_chap) for request 3
Mon Oct  3 02:16:05 2005 : Debug:   modcall[authenticate]: module "chap"
returns invalid for request 3
Mon Oct  3 02:16:05 2005 : Debug: modcall: group Auth-Type returns invalid
for request 3
Mon Oct  3 02:16:05 2005 : Debug: auth: Failed to validate the user.

More information about the Freeradius-Users mailing list