users file auth failing

Anthony Chavez acc at hexadecagram.org
Mon Oct 27 23:16:41 CET 2008


Dear freeradius-users,

I've succeeded in getting LDAP authz/authn working with MSCHAPv2 and
have been using it successfully for a few months now.

I would like to add a very simple user with only a Cleartext-Password to
the users file (this is strictly a FreeRADIUS user and in the interest
of security shouldn't be in LDAP).  I would like both the users file and
LDAP to be queried for users, with a query falling through to the next
source if a particular user is not found.  In other words, I would like
to be able to use *both* a users file *and* LDAP for auth.

I've added the following at the top of the users file, which has not
been modified otherwise from the sample that ships with 2.0.3.

someuser	Cleartext-Password := "somepassword"

The authorize section of my default config (sans comments) looks like this.

authorize {
	preprocess
	chap
	mschap
	suffix
	eap {
		ok = return
	}
	files
	ldap
	expiration
	logintime
	pap
}

As you can see, "files" is there, so it would seem that (based on my
admittedly limited understanding of how FreeRADIUS is supposed to work)
the users file should be queried.  Nevertheless, authentication is
failing and nothing is being logged apart from the following.

Login incorrect (rlm_ldap: User not found)

What could I be doing wrong?

-- 
Anthony Chavez                                  http://hexadecagram.org/
mailto:acc at hexadecagram.org                    xmpp:acc at hexadecagram.org




More information about the Freeradius-Users mailing list