hi
 
Radius(freeradius)  server has configured and integrated with Openldap server  for user authentication.
Using radtest, NTRadPing and Radiustest (Utility) it is working fine.  I got Access-Acept by using this utility.
When i try from enduser through Wireless access point i may not able to authenticate. Wireless access point is configured with WPA for security.
From the radius debug level log and slapd log i can able to see that it can able to fetch  username and it was successful but in the case of userPassword authetication was getting failed.
Am attaching the radius debug level log or your reference
 

 

 

 

rad_recv: Access-Request packet from host 192.168.1.100:1645, id=45, length=130

        User-Name = "sivaji"

        Framed-MTU = 1400

        Called-Station-Id = "0023.045c.3f20"

        Calling-Station-Id = "001f.3c78.503a"

        Service-Type = Login-User

        Message-Authenticator = 0xd56b1bff210c624ccf5b1d5c56285f10

        EAP-Message = 0x0202000b01736976616a69

        NAS-Port-Type = Wireless-802.11

        NAS-Port = 542

        NAS-Port-Id = "542"

        NAS-IP-Address = 192.168.1.100

        NAS-Identifier = "ap"

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 0

  modcall[authorize]: module "preprocess" returns ok for request 0

    rlm_realm: No '@' in User-Name = "sivaji", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 0

  rlm_eap: EAP packet type response id 2 length 11

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 0

    users: Matched entry DEFAULT at line 157

  modcall[authorize]: module "files" returns ok for request 0

rlm_ldap: - authorize

rlm_ldap: performing user authorization for sivaji

radius_xlat:  '(uid=sivaji)'

radius_xlat:  'dc=rgipt,dc=in'

rlm_ldap: ldap_get_conn: Checking Id: 0

rlm_ldap: ldap_get_conn: Got Id: 0

rlm_ldap: attempting LDAP reconnection

rlm_ldap: (re)connect to localhost:389, authentication 0

rlm_ldap: bind as / to localhost:389

rlm_ldap: waiting for bind result ...

rlm_ldap: Bind was successful

rlm_ldap: performing search in dc=rgipt,dc=in, with filter (uid=sivaji)

rlm_ldap: looking for check items in directory...

rlm_ldap: looking for reply items in directory...

rlm_ldap: user sivaji authorized to use remote access

rlm_ldap: ldap_release_conn: Release Id: 0

  modcall[authorize]: module "ldap" returns ok for request 0

modcall: leaving group authorize (returns updated) for request 0

  rad_check_password:  Found Auth-Type LDAP

auth: type "LDAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group LDAP for request 0

 

rlm_ldap: - authenticate

rlm_ldap: Attribute "User-Password" is required for authentication.

 

  modcall[authenticate]: module "ldap" returns invalid for request 0

modcall: leaving group LDAP (returns invalid) for request 0

auth: Failed to validate the user.

Login incorrect: [sivaji] (from client AP port 542 cli 001f.3c78.503a)

Delaying request 0 for 1 seconds

Finished request 0

Going to the next request

--- Walking the entire request list ---

Waking up in 1 seconds...

--- Walking the entire request list ---

Waking up in 1 seconds...

--- Walking the entire request list ---

Sending Access-Reject of id 45 to 192.168.1.100 port 1645

Waking up in 4 seconds...

--- Walking the entire request list ---

Cleaning up request 0 ID 45 with timestamp 4960b0d2

Nothing to do.  Sleeping until we see a request.