openLDAP & freeRADIUS
Jason Alderfer
jha2 at emu.edu
Thu Jun 26 19:47:59 CEST 2008
Use the script command.
man script
> How can I get the log or the out of it? It is so long that the terminal
> doesn't allow me to scroll all the way back to the top. Is there a log? I
> found radius.log, but it had nothing. Is there a command to generate the
> log? Thanks. I know I am close here...
>
>
> William E. W. Russell
> Member of Technical Staff (Software Development)
> 198 Brighton Avenue
> Long Branch, New Jersey 07740
> Home #: 732-752-2037
> Cell #: 732-744-6483
>
> -----Original Message-----
> From:
> freeradius-users-bounces+wrussell=incnetworks.com at lists.freeradius.org
> [mailto:freeradius-users-bounces+wrussell=incnetworks.com at lists.freeradius.o
> rg] On Behalf Of Alan DeKok
> Sent: Thursday, June 26, 2008 4:36 AM
> To: FreeRadius users mailing list
> Subject: Re: openLDAP & freeRADIUS
>
> William E. Russell wrote:
>> I have correctly set up freeRADIUS to read from my openLDAP. I can't
>> seem to authenticate my user. I have narrowed down the error to a single
>> line, "rlm_eap_mschapv2: Invalid response type 4". From my hours of
>> searching online, I have realized that all this means is that there was
>> an
>> error in the response packet.
>
> Code 4 is MS-CHAP failure. It means that the client told the server
> it didn't like the previous packet.
>
>> I have no idea what error could have occurred.
>> I believe it may have to do with the password_attribute. I read
>> something
>> documentation that said there was some issue with LDAP and passing a
>> cleartext password. Also, as you can see, I am using EAP/PEAP with
>> MSCHAP.
>> Any body have any insight in to this type of thing? If I could just get
> some
>> help on how to set up the LDAP and RADIUS, that would be great - I have
> read
>> just about every single tutorial so please don't direct me to one of
> those.
>> I need someone who has a similar set up - what did you use for password
>> attribute?
>
> userPassword.
>
> Step 1: Get PEAP working with an entry in the "users" file.
> Step 2: Get LDAP working with PAP (radclient). Verify that it
> is NOT doing "bind as user"
> Step 3: Verify that PEAP works against LDAP.
>
> PLEASE show the debug output. The reason we ask for it is because it
> is the DEFINITIVE explanation of what's going on, and the ONLY way to
> help you solve the problem.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
--
More information about the Freeradius-Users
mailing list