Hello everybody,<br><br>last week I was working out a freeradius 1.1.1
+ ldap with domain authentication. I got it running with the help of
Phil Mayers with this configuration:<br><br>authorize {<br> preprocess<br> ntdomain
<br> # other modules<br>}<br><br>realm MYDOMAIN {<br> type = radius<br> authhost = LOCAL<br> accthost = LOCAL<br> strip<br>}<br><br>But it didn't work till I enable ntdomain_hack in the mschap module:<br><br>with_ntdomain_hack = yes
<br><br>The truth is I don't understand it at all. Here's my thinking:<br><br>When someone is trying to authenticate and he belongs to a domain, in the request packet windows sends a string like:<br><br> MYDOMAIN\\username
<br><br>In the authorization part, using the realm ntdomain, the server
can strip the User-Name and use only username so it can find it in ldap.<br>But when it comes to the authorization module it fails. Here's part of the log:<br><br><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Module: Loaded MS-CHAP</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> mschap: use_mppe = yes</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
mschap: require_encryption = no</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> mschap: require_strong = no</span>
<br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> mschap: <span style="color: rgb(255, 0, 0);">with_ntdomain_hack = no
</span></span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> mschap: passwd = "(null)"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> mschap: authtype = "MS-CHAP"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
mschap: ntlm_auth = "(null)"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">Module: Instantiated mschap (mschap)
<br>...............<br></span><font size="-1"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rad_recv: Access-Request packet from host <a href="http://192.168.51.162:1024/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.51.162:1024</a>, id=50, length=279</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Acct-Session-Id = "2a6bb0b4-00000017"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
NAS-Port = 8</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> NAS-Port-Type = Wireless-802.11</span>
<br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Framed-MTU = 1496</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Framed-IP-Address = <a href="http://255.255.255.254/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.254
</a></span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> User-Name = "MYDOMAIN\\prueba_freeradius"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Calling-Station-Id = "00-04-23-8D-4B-0E"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Service-Type = Framed-User
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> EAP-Message = 0x02b1006c190017030100610d895f029ebe43af255559638cf1e7e9d0639a11e7d7dfec4a794bee5fbee0a2bf64947cd8a99ad354fa03d6a0913904068c58dd975f8a122a929bc477b2af67b8907c9a4c6a2765188e878ca77f07e45a5329a20fd473989289fdfe3c23eb646b
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> State = 0x908673323bd5eac7e882e906e316049f</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Colubris-AVPair = "ssid=aamm"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Message-Authenticator = 0x8e2b19ea1dfd0d6f0f5b4c895f619818</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Processing the authorize section of radiusd.conf</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">modcall: entering group authorize for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "preprocess" returns ok for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Looking up realm "MYDOMAIN" for User-Name = "MYDOMAIN\prueba_freeradius"
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Found realm "MYDOMAIN"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Adding Stripped-User-Name = "prueba_freeradius"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Proxying request from user prueba_freeradius to realm MYDOMAIN</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Adding Realm = "MYDOMAIN"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_realm: Authentication realm is LOCAL.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "ntdomain" returns noop for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">radius_xlat: '/usr/local/radius_regex/var/log/radius/radacct/192.168.51.162/auth-detail-20060509'
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_detail: /usr/local/radius_regex/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/radius_regex/var/log/radius/radacct/192.168.51.162/auth-detail-20060509
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "auth_log" returns ok for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "chap" returns noop for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "mschap" returns noop for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Request already proxied. Ignoring.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "suffix" returns noop for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: EAP packet type response id 177 length 108</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall[authorize]: module "eap" returns updated for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: - authorize</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: performing user authorization for prueba_freeradius
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">radius_xlat: '(uid=prueba_freeradius)'</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">radius_xlat: 'ou=Central,dc=bcn,dc=es'</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: ldap_get_conn: Checking Id: 0</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: ldap_get_conn: Got Id: 0
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: performing search in ou=Central,dc=bcn,dc=es, with filter (uid=prueba_freeradius)
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: looking for check items in directory...</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: Adding userPassword as User-Password, value xxx & op=21</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: looking for reply items in directory...</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: user prueba_freeradius authorized to use remote access</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: ldap_release_conn: Release Id: 0</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "ldap" returns ok for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> users: Matched entry DEFAULT at line 152</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> users: Matched entry DEFAULT at line 171</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall[authorize]: module "files" returns ok for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall: leaving group authorize (returns updated) for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rad_check_password: Found Auth-Type EAP</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">auth: type "EAP"
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Processing the authenticate section of radiusd.conf</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">modcall: entering group authenticate for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap: Request found, released from the list</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: EAP/peap
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: processing type peap</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_peap: Authenticate</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap_tls: processing TLS</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> eaptls_verify returned 7</span>
<br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_tls: Done initial handshake</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> eaptls_process returned 7</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap_peap: EAPTLS_OK</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_peap: Session established. Decoding tunneled attributes.
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_peap: EAP type mschapv2</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_peap: Tunneled data is valid.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
PEAP: Got tunneled EAP-Message</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> EAP-Message = 0x02b100551a02b1005031d780cac8a727745249e57389beb21e6800000000000000004a4d93fb40b1108062905326a78ff4081fea67b75e569815004d59444f4d41494e5c7072756562615f66726565726164697573
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> <span style="color: rgb(255, 0, 0);">PEAP: Setting User-Name to MYDOMAIN\prueba_freeradius
</span></span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> PEAP: Adding old state with dc 47</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> PEAP: Sending tunneled request</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
EAP-Message = 0x02b100551a02b1005031d780cac8a727745249e57389beb21e6800000000000000004a4d93fb40b1108062905326a78ff4081fea67b75e569815004d59444f4d41494e5c7072756562615f66726565726164697573</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> FreeRADIUS-Proxied-To = <a href="http://127.0.0.1/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">127.0.0.1</a>
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> User-Name = "MYDOMAIN\\prueba_freeradius"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
State = 0xdc47453244df028b4a9c81ff38a17be9</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Acct-Session-Id = "2a6bb0b4-00000017"
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> NAS-Port = 8</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> NAS-Port-Type = Wireless-802.11</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Framed-MTU = 1496</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Framed-IP-Address = <a href="http://255.255.255.254/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.255.254</a></span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Calling-Station-Id = "00-04-23-8D-4B-0E"
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Service-Type = Framed-User</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Colubris-AVPair = "ssid=aamm"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
NAS-IP-Address = <a href="http://192.168.51.162/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.51.162</a></span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Processing the authorize section of radiusd.conf</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">modcall: entering group authorize for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "preprocess" returns ok for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Looking up realm "MYDOMAIN" for User-Name = "MYDOMAIN\prueba_freeradius"
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Found realm "MYDOMAIN"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Adding Stripped-User-Name = "prueba_freeradius"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Proxying request from user prueba_freeradius to realm MYDOMAIN</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Adding Realm = "MYDOMAIN"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_realm: Authentication realm is LOCAL.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "ntdomain" returns noop for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">radius_xlat: '/usr/local/radius_regex/var/log/radius/radacct/127.0.0.1/auth-detail-20060509'
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_detail: /usr/local/radius_regex/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/radius_regex/var/log/radius/radacct/127.0.0.1/auth-detail-20060509
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "auth_log" returns ok for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "chap" returns noop for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "mschap" returns noop for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Request already proxied. Ignoring.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "suffix" returns noop for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: EAP packet type response id 177 length 85</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall[authorize]: module "eap" returns updated for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: - authorize</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: performing user authorization for prueba_freeradius
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">radius_xlat: '(uid=prueba_freeradius)'</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">radius_xlat: 'ou=Central,dc=bcn,dc=es'</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: ldap_get_conn: Checking Id: 0</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: ldap_get_conn: Got Id: 0
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: performing search in ou=Central,dc=bcn,dc=es, with filter (uid=prueba_freeradius)
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: looking for check items in directory...</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: Adding userPassword as User-Password, value xxx & op=21</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: looking for reply items in directory...</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: user prueba_freeradius authorized to use remote access</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: ldap_release_conn: Release Id: 0</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "ldap" returns ok for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> users: Matched entry DEFAULT at line 152</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> users: Matched entry DEFAULT at line 171</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall[authorize]: module "files" returns ok for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall: leaving group authorize (returns updated) for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rad_check_password: Found Auth-Type EAP</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">auth: type "EAP"
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Processing the authenticate section of radiusd.conf</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">modcall: entering group authenticate for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap: Request found, released from the list</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: EAP/mschapv2
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: processing type mschapv2</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Processing the authenticate section of radiusd.conf</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall: entering group MS-CHAP for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> <span style="color: rgb(255, 0, 0);">
rlm_mschap: NT Domain delimeter found, should we have enabled with_ntdomain_hack?</span></span><br style="font-family: courier new,monospace; color: rgb(255, 0, 0);"><span style="font-family: courier new,monospace; color: rgb(255, 0, 0);">
rlm_mschap: Told to do MS-CHAPv2 for MYDOMAIN\prueba_freeradius with NT-Password</span><br style="font-family: courier new,monospace; color: rgb(255, 0, 0);"><span style="font-family: courier new,monospace; color: rgb(255, 0, 0);">
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authenticate]: module "mschap" returns reject for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">modcall: leaving group MS-CHAP (returns reject) for request 14
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: Freeing handler</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authenticate]: module "eap" returns reject for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">modcall: leaving group authenticate (returns reject) for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">auth: Failed to validate the user.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="color: rgb(255, 0, 0);">Login incorrect: [prueba_freeradius</span>/<no User-Password attribute>] (from client localhost port 8 cli 00-04-23-8D-4B-0E)</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> PEAP: Got tunneled reply RADIUS code 3</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Framed-IP-Address = <a href="http://255.255.255.254/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.254</a></span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Framed-MTU = 576</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Service-Type = Framed-User</span>
<br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> MS-CHAP-Error = "\261E=691 R=1"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> EAP-Message = 0x04b10004</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Message-Authenticator = 0x00000000000000000000000000000000</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
PEAP: Processing from tunneled session code 0x8153428 3</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Framed-IP-Address =
<a href="http://255.255.255.254/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.254</a></span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Framed-MTU = 576
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Service-Type = Framed-User</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> MS-CHAP-Error = "\261E=691 R=1"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
EAP-Message = 0x04b10004</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Message-Authenticator = 0x00000000000000000000000000000000
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> PEAP: Tunneled authentication was rejected.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_peap: FAILURE</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall[authenticate]: module "eap" returns handled for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall: leaving group authenticate (returns handled) for request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Sending Access-Challenge of id 50 to <a href="http://192.168.51.162/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.51.162</a> port 1024</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Framed-IP-Address = <a href="http://255.255.255.254/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.254</a></span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Framed-MTU = 576</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Service-Type = Framed-User</span>
<br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> EAP-Message = 0x01b200261900170301001b6c9a8c161b62aec589f4a4f92e58f4c76ec7ae250761970d9213c7
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Message-Authenticator = 0x00000000000000000000000000000000
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> State = 0xa18cd510394250c8136571f619e429e0</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">Finished request 14</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Going to the next request</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">Waking up in 6 seconds...</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rad_recv: Access-Request packet from host <a href="http://192.168.51.162:1024/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.51.162:1024</a>, id=36, length=209</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Acct-Session-Id = "2a6bb0b4-00000017"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
NAS-Port = 8</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> NAS-Port-Type = Wireless-802.11</span>
<br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Framed-MTU = 1496</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Framed-IP-Address = <a href="http://255.255.255.254/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.254
</a></span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> User-Name = "MYDOMAIN\\prueba_freeradius"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Calling-Station-Id = "00-04-23-8D-4B-0E"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Service-Type = Framed-User
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> EAP-Message = 0x02b200261900170301001bd89d386a7c80dcf210c271671421915148555085d02e7c2a34149e
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> State = 0xa18cd510394250c8136571f619e429e0</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Colubris-AVPair = "ssid=aamm"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Message-Authenticator = 0xacf972ea063d9318ee2b2dad1613cc3c</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Processing the authorize section of radiusd.conf</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">modcall: entering group authorize for request 15
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "preprocess" returns ok for request 15
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Looking up realm "MYDOMAIN" for User-Name = "MYDOMAIN\prueba_freeradius"
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Found realm "MYDOMAIN"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Adding Stripped-User-Name = "prueba_freeradius"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Proxying request from user prueba_freeradius to realm MYDOMAIN</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Adding Realm = "MYDOMAIN"</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_realm: Authentication realm is LOCAL.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "ntdomain" returns noop for request 15
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">radius_xlat: '/usr/local/radius_regex/var/log/radius/radacct/192.168.51.162/auth-detail-20060509'
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_detail: /usr/local/radius_regex/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/radius_regex/var/log/radius/radacct/192.168.51.162/auth-detail-20060509
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "auth_log" returns ok for request 15
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "chap" returns noop for request 15
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "mschap" returns noop for request 15
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_realm: Request already proxied. Ignoring.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "suffix" returns noop for request 15</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: EAP packet type response id 178 length 38</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall[authorize]: module "eap" returns updated for request 15</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: - authorize</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: performing user authorization for prueba_freeradius
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">radius_xlat: '(uid=prueba_freeradius)'</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">radius_xlat: 'ou=Central,dc=bcn,dc=es'</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: ldap_get_conn: Checking Id: 0</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: ldap_get_conn: Got Id: 0
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: performing search in ou=Central,dc=bcn,dc=es, with filter (uid=prueba_freeradius)
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: looking for check items in directory...</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: Adding userPassword as User-Password, value xxx & op=21</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">rlm_ldap: looking for reply items in directory...</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: user prueba_freeradius authorized to use remote access</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_ldap: ldap_release_conn: Release Id: 0</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authorize]: module "ldap" returns ok for request 15
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> users: Matched entry DEFAULT at line 152</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> users: Matched entry DEFAULT at line 171</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall[authorize]: module "files" returns ok for request 15</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
modcall: leaving group authorize (returns updated) for request 15</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rad_check_password: Found Auth-Type EAP</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">auth: type "EAP"
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> Processing the authenticate section of radiusd.conf</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">modcall: entering group authenticate for request 15</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap: Request found, released from the list</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: EAP/peap
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: processing type peap</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_peap: Authenticate</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap_tls: processing TLS</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> eaptls_verify returned 7</span>
<br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_tls: Done initial handshake</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> eaptls_process returned 7</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap_peap: EAPTLS_OK</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_peap: Session established. Decoding tunneled attributes.
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_peap: Received EAP-TLV response.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap_peap: Tunneled data is valid.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
rlm_eap: Handler failed in EAP/peap</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> rlm_eap: Failed in EAP select
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);"> modcall[authenticate]: module "eap" returns invalid for request 15
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">modcall: leaving group authenticate (returns invalid) for request 15
</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">auth: Failed to validate the user.</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">Login incorrect: [prueba_freeradius/<no User-Password attribute>] (from client ap port 8 cli 00-04-23-8D-4B-0E)</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">Delaying request 15 for 1 seconds</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
Finished request 15</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">Going to the next request</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">Waking up in 6 seconds...</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
--- Walking the entire request list ---</span><br style="font-family: courier new,monospace; color: rgb(102, 102, 102);"><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">Sending Access-Reject of id 36 to
<a href="http://192.168.51.162/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.51.162</a> port 1024</span></font><br><span style="font-family: courier new,monospace; color: rgb(102, 102, 102);">
<br></span><font size="-1">After reading the comments of with_ntdomain_hack, what
i get is this: The first time windows sends the id, the User-Name =
MYDOMAIN\\username, but when he response the access-challenge the
User-Name = username. <br><br>
I wonder why the server expects MYDOMAIN\\username. <br><br>After
the realm the server will only see User-Name = username in
ldap-authorization. And as windows sends for replying the challenge
only username, I thought this second time realm was not going to be
aplicable.
<br><br>So I think I don't understand this operation. <br><br>And as I don't understand it I can't work out a new configuration like: freeradius 1.1.1 + ldap + machine authentication.<br> <br> User-Name = host/username
<br><br>I have tried it making a new realm with this configuration<br> <br>radiusd.conf<br> realm hostdm {<br> format = prefix<br> delimiter = "/"<br> ignore_default = no
<br> ignore_null = no<br> }<br><br> authorize {<br>
preprocess<br>
hostdm<br>
# other modules<br>
}<br><br>proxy.conf:<br><br> realm host {<br> type = radius<br> authhost = LOCAL<br> accthost = LOCAL<br> strip<br> }<br><br>But I got me into the same situation as with ntdomain + with_ntdomain_hack=no.
<br><br>Then I try with the hints file:<br><br> DEFAULT User-Name =~ "^([^/]+)/([^/]+)"<br> User-Name := `%{2}`<br><br>But the same. So I don't know what to do. Is there another feature like with_ntdomain_hack for this ?
<br>I could put some logs if needed.<br><br><span>If there is something unintelligible please tell me, because my english is terrible, as you can notice.<br><br>Thanks.<br style="color: rgb(102, 102, 102);"></span><span>
</span><br style="color: rgb(102, 102, 102);"></font><br>