<div dir="ltr"><br><div>Hey,</div><div>First of all, sorry for my poor English.</div><div>I'm trying to integrate my LDAP server with FreeRADIUS; after 2 days of searching on Google I haven't solved the problem.</div><div><br></div>
<div>When I use the command:</div><div><br></div><div> ldapsearch -b "ou=People,dc=xxxxxx,dc=edu,dc=br" -h 200.131.96.47 uid=user1 -D "cn=admin,dc=ifsudeste,dc=edu,dc=br" -W<br></div><div><br></div><div>
I get this result:</div><div><br></div><div># extended LDIF<br>#<br># LDAPv3<br># base <ou=People,dc=xxxxxx,dc=edu,dc=br> with scope subtree<br># filter: uid=user1<br># requesting: ALL<br>#<br><br># user1, People, <a href="http://xxxxx.edu.br">xxxxx.edu.br</a><br>
dn: cn=user1,ou=People,dc=xxxxxx,dc=edu,dc=br<br>cn: user1<br>givenName: user<br>gidNumber: 501<br>homeDirectory: /home/users/user1<br>sn: 1<br>objectClass: inetOrgPerson<br>objectClass: posixAccount<br>objectClass: top<br>
userPassword:: e01ENX1JQ3k1WXF4WkIxdVdTd2NWTFNOTGNBPT0=<br>uidNumber: 1001<br>uid: user1<br></div><div><br></div><div>When I try: radtest user1 123 127.0.0.1 0 testing123<br></div><div><br></div><div>I get:</div><div><br>
</div><div><br>Sending Access-Request of id 225 to 127.0.0.1 port 1812<br> User-Name = "user1"<br> User-Password = "123"<br> NAS-IP-Address = 200.131.96.49<br> NAS-Port = 0<br>
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=225, length=20</div><div><br></div><div>And using freeradius -X I see this:</div><div><br></div><div><br>rad_recv: Access-Request packet from host 127.0.0.1 port 56729, id=225, length=57<br>
User-Name = "user1"<br> User-Password = "123"<br> NAS-IP-Address = 200.131.96.49<br> NAS-Port = 0<br># Executing section authorize from file /etc/freeradius/sites-enabled/default<br>
+- entering group authorize {...}<br>[ldap] performing user authorization for user1<br>[ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details<br>[ldap] ... expanding second conditional<br>
[ldap] expand: %{User-Name} -> user1<br>[ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=user1)<br>[ldap] expand: ou=People,dc=xxxxx,dc=edu,dc=br -> ou=People,dc=xxxxxxx,dc=edu,dc=br<br> [ldap] ldap_get_conn: Checking Id: 0<br>
[ldap] ldap_get_conn: Got Id: 0<br> [ldap] performing search in ou=People,dc=xxxxxx,dc=edu,dc=br, with filter (cn=user1)<br> [ldap] object not found<br>[ldap] search failed<br> [ldap] ldap_release_conn: Release Id: 0<br>
++[ldap] returns notfound<br>++[expiration] returns noop<br>++[logintime] returns noop<br>ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user<br>Failed to authenticate the user.<br>Login incorrect ( [ldap] User not found): [user1/123] (from client localhost port 0)<br>
Using Post-Auth-Type Reject<br># Executing group from file /etc/freeradius/sites-enabled/default<br>+- entering group REJECT {...}<br>[attr_filter.access_reject] expand: %{User-Name} -> user1<br></div><div><br></div>
<div><br></div><div>Can anyone please help me?</div><div><br></div><div>Sorry if this is too obvious for someone; for me it isn't.</div><div>Thanks.</div><div><br></div><div><br></div></div>