Ok, I will work with what you provided - thank you.
Could you please let me know why the following conflicting message
shows up after the No "known good" message?
Tue Jun 17 11:53:43 2014 : Info: [ldap] user
jjenkins authorized to use remote access
Tue Jun 17 11:53:43 2014 : Debug: [ldap]
ldap_release_conn: Release Id: 0
Tue Jun 17 11:53:43 2014 : Info: ++[ldap] returns ok
On 06/17/2014 01:41 PM, Phil Mayers
wrote:
On
17/06/2014 18:01, Jon Jenkins wrote:
Tue Jun 17 11:53:43 2014 : Debug: WARNING:
No "known good" password was
found in LDAP. Are you sure that the user is configured
correctly?
This is the relevant line.
FreeRADIUS is built around using LDAP as a database; you store the
passwords there, and FreeRADIUS does the auth. Here, it can't find
a password, so it can't auth.
Also aince you're doing peap, you also are probably doing mschap
inside the tunnel, and there's no "mschap" module in your
inner-tunnel any more. Suggest you revert to the default config
and start by making small changes.
Finally, if your LDAP directory doesn't contain passwords and can
only be used as an "oracle", then it can't be used for
peap/mschap. See:
http://deployingradius.com/documents/protocols/oracles.html
...and
http://deployingradius.com/documents/protocols/compatibility.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html