Hello Alan Thanks a lot! Ill check this out. Sambuddho On Sat, 2008-06-14 at 09:22 +0200, Alan DeKok wrote:
Sambuddho Chakravarty wrote:
I am experiencing a problem while trying to authenticate the username/password in LDAP through a freeradius server. While a regular telnet/ssh to the edge running a openLdap client / PAM module works fine (It is able to authenticate) but the problem arises when trying to authenticate using the freeradius server .
This is what the log message looks like :
User-Name = "try" User-Password = "trialanderror" NAS-IP-Address = 127.0.0.1 ... rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter (uid=try) rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in check items
If you do NOTHING more than configure "ldap" in the default configuration, this should work.
modcall[authorize]: module "ldap" returns ok for request 0 modcall: group authorize returns ok for request 0
You're not using 2.0, and you've edited the default configuration. DO use a recent version. DON'T edit the configuration to re-arrange the modules in the "authorize" section.
Here you can see that the authorization of a user 'try' having password 'trialanderror' works fine but authentication fails. The host running the freeradius server is Fedora Core 5 running linux 2.6.25.
The OS doesn't matter. The version of FreeRADIUS does.
It seems you're using 1.1.x. You should at LEAST upgrade to 1.1.7. Then, un-comment the references to LDAP, and configure the LDAP module. The test WILL work.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html