<div dir="ltr">Ivan, I have built FreeRADIUS on SLES 10 SP2 without the eDirectory option. Also, in the ldap module, it is uncommented by default with the value edir_account_policy_check=no. So by default the Novell eDirectory check is disabled, and further in the module I have uncommented set_auth_type=yes, which by default does LDAP binding for authentication of RADIUS packets with User-Password. So I have tried with these options. I do not know exactly where I am going wrong.<br>
Please comment.<br><br>Regards,<br>SYED<br><br><br><br><div class="gmail_quote">On Thu, Aug 28, 2008 at 1:37 PM, Ivan Kalik <span dir="ltr"><<a href="mailto:tnt@kalik.net">tnt@kalik.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hm, that should work (password was found):<br>
<div class="Ih2E3d"><br>
>rlm_ldap: - authorize<br>
>rlm_ldap: performing user authorization for thales<br>
>WARNING: Deprecated conditional expansion ":-". See "man unlang" for<br>
>details<br>
> expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=hasan)<br>
> expand: dc=thales,dc=com -> dc=thales,dc=com<br>
>rlm_ldap: ldap_get_conn: Checking Id: 0<br>
>rlm_ldap: ldap_get_conn: Got Id: 0<br>
>rlm_ldap: attempting LDAP reconnection<br>
>rlm_ldap: (re)connect to <a href="http://127.0.0.1:389" target="_blank">127.0.0.1:389</a>, authentication 0<br>
>rlm_ldap: bind as cn=Administrator,dc=thales,dc=com/thales to <a href="http://127.0.0.1:389" target="_blank">127.0.0.1:389</a><br>
>rlm_ldap: waiting for bind result ...<br>
>rlm_ldap: Bind was successful<br>
>rlm_ldap: performing search in dc=thales,dc=com, with filter (uid=hasan)<br>
>rlm_ldap: checking if remote access for thales is allowed by uid<br>
>rlm_ldap: Added User-Password = thales in check items<br>
>rlm_ldap: No default NMAS login sequence<br>
>rlm_ldap: looking for check items in directory...<br>
>rlm_ldap: LDAP attribute userPassword as RADIUS attribute User-Password ==<br>
>"thales"<br>
>rlm_ldap: looking for reply items in directory...<br>
>rlm_ldap: user authorized to use remote access<br>
>rlm_ldap: ldap_release_conn: Release Id: 0<br>
>++[ldap] returns ok<br>
<br>
</div>but:<br>
<div class="Ih2E3d"><br>
>rlm_ldap: No default NMAS login sequence<br>
<br>
</div>eDirectory? It might need additional settings. Have a look at<br>
edir_account_policy_check in ldap module and see if that has been set<br>
properly.<br>
<div class="Ih2E3d"><br>
Ivan Kalik<br>
Kalik Informatika ISP<br>
<br>
</div><div><div></div><div class="Wj3C7c">
</div></div></blockquote></div><br></div>