Windows Authentication and Authorization via LDAP on FreeRadius v 2.1.4 Configuration Help!!!

Michael Schwartzkopff misch at multinet.de
Tue Mar 24 16:02:10 CET 2009


Am Dienstag, 24. März 2009 15:58:09 schrieb Edwin Isada:
> Hello All,
>
> Excuse me for my lack of knowledge with Linux and FreeRadius.  I hardly
> have any experience and I've been using version 1.1.3 for the past few
> weeks and had authentication working properly for Cisco devices.  I decided
> to install the latest version 2.1.4 and forgot to save all my configuration
> for 1.1.3. Hopefully I'll learn my lesson next time =)  The radiusd.conf
> file from what I recall looks totally different.  I inserted my ldap
> information in the modules section, but running the basic debug I'm seeing
> an error "No authenticate method (Auth-Type).  Even running the recommended
> radtest it's failing in reviewing the debug.  I believe I'm missing
> authenticate config. If so do I need to modify another file or add it to
> radiusd.conf?  I'm a little lost here if someone can point me the right
> direction and hopefully I can proceed with getting authorization working
> afterwards.  Let me know if you need any additional information.  I've
> added the debug info below. Another quick question has anyone configured
> this for F5 devices?
>
> rad_recv: Access-Request packet from host 127.0.0.1 port 1027, id=254,
> length=56
>         User-Name = "test"
>         User-Password = "test"
>         NAS-IP-Address = 127.0.1.1
>         NAS-Port = 0
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[chap] returns noop
> ++[mschap] returns noop
> [suffix] No '@' in User-Name = "test", looking up realm NULL
> [suffix] No such realm "NULL"
> ++[suffix] returns noop
> [eap] No EAP-Message, not doing EAP
> ++[eap] returns noop
> ++[unix] returns notfound
> ++[files] returns noop
> ++[expiration] returns noop
> ++[logintime] returns noop
> [pap] WARNING! No "known good" password found for the user.  Authentication
> may fail because of this.
> ++[pap] returns noop
> No authenticate method (Auth-Type) configuration found for the request:
> Rejecting the user
> Failed to authenticate the user.
> Login incorrect: [test] (from client localhost port 0)
> Using Post-Auth-Type Reject
> +- entering group REJECT {...}
> [attr_filter.access_reject]     expand: %{User-Name} -> test
>  attr_filter: Matched entry DEFAULT at line 11
> ++[attr_filter.access_reject] returns updated
> Delaying reject of request 0 for 1 seconds
> Going to the next request
> Waking up in 0.9 seconds.
> Sending delayed reject for request 0
> Sending Access-Reject of id 254 to 127.0.0.1 port 1027
> Waking up in 4.9 seconds.
> Cleaning up request 0 ID 254 with timestamp +783
>
> Thanks,
>
> Ed

Did you enter the nescessary config in the modules/ldap file?
Did you uncomment the ldap sections in authorize and authenticate sections in 
the default server (servers-enabled/default)?

-- 
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Addresse: Bretonischer Ring 7; 85630 Grasbrunn; Germany
Tel: +49 - 89 - 45 69 11 0
Fax: +49 - 89 - 45 69 11 21
mob: +49 - 174 - 343 28 75

mail: misch at multinet.de
web: www.multinet.de

Sitz der Gesellschaft: 85630 Grasbrunn
Registergericht: Amtsgericht München HRB 114375
Geschäftsführer: Günter Jurgeneit, Hubert Martens

---

PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42




More information about the Freeradius-Users mailing list