(0) Received Access-Request Id 10 from 127.0.0.1:53177 to 127.0.0.1:1812 length 76 (0) User-Name = "" (0) User-Password = "" (0) NAS-IP-Address = 192.168.16.111 (0) NAS-Port = 0 (0) Message-Authenticator = 0xe66582a3fc25ee072003b80140eda760 (0) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default (0) authorize { (0) policy filter_username { (0) if (&User-Name) { (0) if (&User-Name) -> TRUE (0) if (&User-Name) { (0) if (&User-Name =~ / /) { (0) if (&User-Name =~ / /) -> FALSE (0) if (&User-Name =~ /@[^@]*@/ ) { (0) if (&User-Name =~ /@[^@]*@/ ) -> FALSE (0) if (&User-Name =~ /\.\./ ) { (0) if (&User-Name =~ /\.\./ ) -> FALSE (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (0) if (&User-Name =~ /\.$/) { (0) if (&User-Name =~ /\.$/) -> FALSE (0) if (&User-Name =~ /@\./) { (0) if (&User-Name =~ /@\./) -> FALSE (0) } # if (&User-Name) = notfound (0) } # policy filter_username = notfound (0) [preprocess] = ok (0) [chap] = noop (0) [mschap] = noop (0) [digest] = noop (0) suffix: Checking for suffix after "@" (0) suffix: No '@' in User-Name = "", looking up realm NULL (0) suffix: No such realm "NULL" (0) [suffix] = noop (0) eap: No EAP-Message, not doing EAP (0) [eap] = noop (0) [files] = noop rlm_ldap (ldap): Closing connection (0): Hit idle_timeout, was idle for 339 seconds rlm_ldap (ldap): Closing connection (1): Hit idle_timeout, was idle for 339 seconds rlm_ldap (ldap): Closing connection (2): Hit idle_timeout, was idle for 338 seconds rlm_ldap (ldap): You probably need to lower "min" rlm_ldap (ldap): Closing connection (3): Hit idle_timeout, was idle for 338 seconds rlm_ldap (ldap): You probably need to lower "min" rlm_ldap (ldap): Closing connection (4): Hit idle_timeout, was idle for 337 seconds rlm_ldap (ldap): You probably need to lower "min" rlm_ldap (ldap): 0 of 0 connections in use. You may need to increase "spare" rlm_ldap (ldap): Opening additional connection (5), 1 of 32 pending slots used rlm_ldap (ldap): Connecting to ldaps://ldap.google.com:636 rlm_ldap (ldap): Waiting for bind result... rlm_ldap (ldap): Bind successful rlm_ldap (ldap): Reserved connection (5) (0) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}}) (0) ldap: --> (uid=) (0) ldap: Performing search in "dc=,dc=" with filter "(uid=)", scope "sub" (0) ldap: Waiting for search result... (0) ldap: User object found at DN "uid=,ou=IT,ou=Users,dc=,dc=" (0) ldap: Processing user attributes (0) ldap: WARNING: No "known good" password added. Ensure the admin user has permission to read the password attribute (0) ldap: WARNING: PAP authentication will *NOT* work with Active Directory (if that is what you were trying to configure) rlm_ldap (ldap): Released connection (5) Need 2 more connections to reach min connections (3) rlm_ldap (ldap): Opening additional connection (6), 1 of 31 pending slots used rlm_ldap (ldap): Connecting to ldaps://ldap.google.com:636 rlm_ldap (ldap): Waiting for bind result... rlm_ldap (ldap): Bind successful (0) [ldap] = ok (0) if ((ok || updated) && User-Password) { (0) if ((ok || updated) && User-Password) -> TRUE (0) if ((ok || updated) && User-Password) { (0) update { (0) control:Auth-Type := LDAP (0) } # update = noop (0) } # if ((ok || updated) && User-Password) = noop (0) [expiration] = noop (0) [logintime] = noop (0) pap: WARNING: No "known good" password found for the user. Not setting Auth-Type (0) pap: WARNING: Authentication will fail unless a "known good" password is available (0) [pap] = noop (0) } # authorize = ok (0) Found Auth-Type = LDAP (0) # Executing group from file /etc/freeradius/3.0/sites-enabled/default (0) Auth-Type LDAP { rlm_ldap (ldap): Reserved connection (5) (0) ldap: Login attempt by "" (0) ldap: Using user DN from request "uid=,ou=IT,ou=Users,dc=,dc=" (0) ldap: Waiting for bind result... (0) ldap: Bind successful (0) ldap: Bind as user "uid=,ou=IT,ou=Users,dc=,dc=" was successful rlm_ldap (ldap): Released connection (5) Need 1 more connections to reach min connections (3) rlm_ldap (ldap): Opening additional connection (7), 1 of 30 pending slots used rlm_ldap (ldap): Connecting to ldaps://ldap.google.com:636 rlm_ldap (ldap): Waiting for bind result... rlm_ldap (ldap): Bind successful (0) [ldap] = ok (0) } # Auth-Type LDAP = ok (0) # Executing section post-auth from file /etc/freeradius/3.0/sites-enabled/default (0) post-auth { (0) update { (0) No attributes updated (0) } # update = noop (0) [exec] = noop (0) policy remove_reply_message_if_eap { (0) if (&reply:EAP-Message && &reply:Reply-Message) { (0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (0) else { (0) [noop] = noop (0) } # else = noop (0) } # policy remove_reply_message_if_eap = noop (0) } # post-auth = noop (0) Sent Access-Accept Id 10 from 127.0.0.1:1812 to 127.0.0.1:53177 length 0 (0) Finished request Waking up in 4.9 seconds.