Auth-Type LDAP and "WARNING: Unknown value specified for Auth-Type. Cannot perform requested action"

José Ignacio Siles Rueda jisiles at ingenia.es
Wed Aug 5 11:36:00 CEST 2015


Hi,

I've tried those two recommendations, with no luck.

I'm now in 2.2.8:

[XXXX at radius3 etc]# radiusd -X
radiusd: FreeRADIUS Version 2.2.8, for host x86_64-unknown-linux-gnu, built on Jul 22 2015 at 12:24:46

And LDAP module seems to be OK:

Module: Instantiating module "LDAP_estudiantes" from file /usr/local/etc/raddb/modules/LDAP_estudiantes
  ldap LDAP_estudiantes {
        server = "XXXXX"
        port = 389
        password = ""
       ....
  }
rlm_ldap: Registering ldap_groupcmp for Ldap-Group
rlm_ldap: Creating new attribute LDAP_estudiantes-Ldap-Group
rlm_ldap: Registering ldap_groupcmp for LDAP_estudiantes-Ldap-Group
rlm_ldap: Registering ldap_xlat with xlat_name LDAP_estudiantes
rlm_ldap: reading ldap<->radius mappings from file /usr/local/etc/raddb/ldap.attrmap
rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type
rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use
rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id
rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id
rlm_ldap: LDAP userPassword mapped to RADIUS Password-With-Header
conns: 0x1dee480

When testing, realm is detected OK, and LDAP_estudiantes is called, as specified in inner-tunnel config:

authenticate {
    eap
    #Auth-Type LDAP_gestores {
    #      LDAP_gestores
    #}
    Auth-Type LDAP_estudiantes {
          LDAP_estudiantes
    }
    Auth-Type LDAP_docentes {
          LDAP_docentes
    }
     Auth-Type PAP {
          pap
     }

}

But I'm still getting 

++switch %{Realm} {
        expand: %{Realm} -> alumno.upo.es
++switch %{Realm} {
+++case alumno.upo.es {
[LDAP_estudiantes] performing user authorization for uwifialumno
......
[LDAP_estudiantes] Setting Auth-Type = LDAP_estudiantes
......
++++[LDAP_estudiantes] = ok
+++} # case alumno.upo.es = ok
++} # switch %{Realm} = ok
+} # group authorize = ok
Found Auth-Type = LDAP_estudiantes
  WARNING: Unknown value specified for Auth-Type.  Cannot perform requested action.
Failed to authenticate the user.


My primary goal is to use the realm in order to get to specific LDAP instantiation, maybe I'm using wrong approach.

Regards,

Ignacio Siles.

-----Mensaje original-----
De: Freeradius-Users [mailto:freeradius-users-bounces+jisiles=ingenia.es at lists.freeradius.org] En nombre de Alan DeKok
Enviado el: viernes, 26 de junio de 2015 3:44
Para: FreeRadius users mailing list
Asunto: Re: Auth-Type LDAP and "WARNING: Unknown value specified for Auth-Type. Cannot perform requested action"

On Jun 25, 2015, at 11:50 AM, José Ignacio Siles Rueda <jisiles at ingenia.es> wrote:
> Why am I getting "Unknown value specified for Auth-Type", if I define:
> 
> Auth-Type LDAP_estudiantes {
>          LDAP_estudiantes
>    }
> 
> In my inner-tunnel config file?

  Because you're running 2.1.12.  Upgrade to 2.2.8, and the problem will disappear.

  Or, edit raddb/dictionary, and add

VALUE	Auth-Type LDAP_estudiantes 16

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list