Ivan , I have build the free radius on SLES 10 SP2 without e-directory option. And also in ldap module, it is uncommented by default with value e-dir_account_policy_check=no.So by default the Novell e-dir check is disabled and further in the module I have uncommented the set_auth_type=yes which is by default do LDAP binding for Authentication for Radius Pkts with User-Password.So I have tried with these options. I am not knowing exactly where I am going wrong. Please comment. Regards, SYED On Thu, Aug 28, 2008 at 1:37 PM, Ivan Kalik <tnt@kalik.net> wrote:
Hm, that should work (password was found):
rlm_ldap: - authorize rlm_ldap: performing user authorization for thales WARNING: Deprecated conditional expansion ":-". See "man unlang" for details expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=hasan) expand: dc=thales,dc=com -> dc=thales,dc=com rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to 127.0.0.1:389, authentication 0 rlm_ldap: bind as cn=Administrator,dc=thales,dc=com/thales to 127.0.0.1:389 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: performing search in dc=thales,dc=com, with filter (uid=hasan) rlm_ldap: checking if remote access for thales is allowed by uid rlm_ldap: Added User-Password = thales in check items rlm_ldap: No default NMAS login sequence rlm_ldap: looking for check items in directory... rlm_ldap: LDAP attribute userPassword as RADIUS attribute User-Password == "thales" rlm_ldap: looking for reply items in directory... rlm_ldap: user authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 ++[ldap] returns ok
but:
rlm_ldap: No default NMAS login sequence
eDirectory? It might need additional settings. Have a look at edir_account_policy_check in ldap module and see if that has been set properly.
Ivan Kalik Kalik Informatika ISP
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html