ldap+radius authentication problem

amir shrestha amirshr at namche.com
Tue Mar 25 12:25:30 CET 2008 

Dear all,

I have configured freeradius with ldap backed as given in
http://freeradius.org/radiusd/doc/ldap_howto.txt.

The user get authorized but the authentication failed. 

The detail output is here:

Ready to process requests.

rad_recv: Access-Request packet from host a.b.c.d:3272, id=0, length=47

        User-Name = "abc"

        User-Password = "12345"

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 0

  modcall[authorize]: module "preprocess" returns ok for request 0

  modcall[authorize]: module "chap" returns noop for request 0

  modcall[authorize]: module "mschap" returns noop for request 0

rlm_ldap: - authorize

rlm_ldap: performing user authorization for abc

radius_xlat:  '(uid=abc)'

radius_xlat:  'ou=users,ou=radius,dc=whitehouse,dc=edu'

rlm_ldap: ldap_get_conn: Checking Id: 0

rlm_ldap: ldap_get_conn: Got Id: 0

rlm_ldap: attempting LDAP reconnection

rlm_ldap: (re)connect to x.x.x.x:389, authentication 0

rlm_ldap: could not set LDAP_OPT_X_TLS_REQUIRE_CERT option to allow

rlm_ldap: bind as cn=Manager,dc=whitehouse,dc=edu/password to x.x.x.x:389

rlm_ldap: waiting for bind result ...

rlm_ldap: Bind was successful

rlm_ldap: performing search in ou=users,ou=radius,dc=whitehouse,dc=edu, with
filter (uid=abc)

rlm_ldap: Added password 12345  in check items

rlm_ldap: looking for check items in directory...

rlm_ldap: looking for reply items in directory...

rlm_ldap: Setting Auth-Type = ldap

rlm_ldap: user abc authorized to use remote access

rlm_ldap: ldap_release_conn: Release Id: 0

  modcall[authorize]: module "ldap" returns ok for request 0

modcall: leaving group authorize (returns ok) for request 0

  rad_check_password:  Found Auth-Type ldap

auth: type "LDAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group LDAP for request 0

rlm_ldap: - authenticate

rlm_ldap: login attempt by "abc" with password "12345"

rlm_ldap: user DN: uid=abc,ou=users,ou=radius,dc=whitehouse,dc=edu

rlm_ldap: (re)connect to x.x.x.x:389, authentication 1

rlm_ldap: could not set LDAP_OPT_X_TLS_REQUIRE_CERT option to allow

rlm_ldap: bind as uid=abc,ou=users,ou=radius,dc=whitehouse,dc=edu/12345 to
x.x.x.x:389

rlm_ldap: waiting for bind result ...

rlm_ldap: Bind failed with invalid credentials

  modcall[authenticate]: module "ldap" returns reject for request 0

modcall: leaving group LDAP (returns reject) for request 0

auth: Failed to validate the user.

Delaying request 0 for 1 seconds

 

Can anyone help me??

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080325/edfcd764/attachment.html>

More information about the Freeradius-Users mailing list