hi Radius(freeradius) server has configured and integrated with Openldap server for user authentication. Using radtest, NTRadPing and Radiustest (Utility) it is working fine. I got Access-Acept by using this utility. When i try from enduser through Wireless access point i may not able to authenticate. Wireless access point is configured with WPA for security.
From the radius debug level log and slapd log i can able to see that it can able to fetch username and it was successful but in the case of userPassword authetication was getting failed. Am attaching the radius debug level log or your reference
rad_recv: Access-Request packet from host 192.168.1.100:1645, id=45, length=130 * User-Name = "sivaji"* Framed-MTU = 1400 Called-Station-Id = "0023.045c.3f20" Calling-Station-Id = "001f.3c78.503a" Service-Type = Login-User Message-Authenticator = 0xd56b1bff210c624ccf5b1d5c56285f10 EAP-Message = 0x0202000b01736976616a69 NAS-Port-Type = Wireless-802.11 NAS-Port = 542 NAS-Port-Id = "542" NAS-IP-Address = 192.168.1.100 NAS-Identifier = "ap" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 *rlm_realm: No '@' in User-Name = "sivaji", looking up realm NULL* * rlm_realm: No such realm "NULL"* modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 2 length 11 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 users: Matched entry DEFAULT at line 157 * modcall[authorize]: module "files" returns ok for request 0* rlm_ldap: - authorize rlm_ldap: performing user authorization for sivaji *radius_xlat: '(uid=sivaji)'* *radius_xlat: 'dc=rgipt,dc=in'* rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to localhost:389, authentication 0 *rlm_ldap: bind as / to localhost:389* *rlm_ldap: waiting for bind result ...* *rlm_ldap: Bind was successful* *rlm_ldap: performing search in dc=rgipt,dc=in, with filter (uid=sivaji)* rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... *rlm_ldap: user sivaji authorized to use remote access* rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group LDAP for request 0 *rlm_ldap: - authenticate* *rlm_ldap: Attribute "User-Password" is required for authentication.* * * * modcall[authenticate]: module "ldap" returns invalid for request 0* *modcall: leaving group LDAP (returns invalid) for request 0* *auth: Failed to validate the user.* *Login incorrect: [sivaji] (from client AP port 542 cli 001f.3c78.503a)* *Delaying request 0 for 1 seconds* *Finished request 0* Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 45 to 192.168.1.100 port 1645 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 45 with timestamp 4960b0d2 Nothing to do. Sleeping until we see a request.