Neal Vadekar wrote:
i am using freeradius 2.1.7 on centos 5.5, i have configured openldap and wish to have authentication/authorization against this datasource.
i have configured my radius.conf as follows:
... almost everything deleted. Why?
i have configured my users file as follows:
test55 Cleartext-Password := "test55" DEFAULT Auth-Type = System Fall-Through = 1 DEFAULT Auth-Type := LDAP Fall-Through = 1
That makes no sense. You're forcing "system" authentication, immediately followed by over-writing that, and forcing LDAP authentication.
when i run “radtest testldap testldap localhost 10 testing123” the out put is as follows:
rad_recv: Access-Request packet from host 127.0.0.1 port 40626, id=223, length=60 User-Name = "testldap" User-Password = "testldap" NAS-IP-Address = 172.16.159.11 NAS-Port = 10 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop
That should be a hint. The server is using "chap" in the "authorize" section. *But* the "chap" module is not listed in the "authorize" section you posted above.
I do not understand why i get the following error:
Found Auth-Type = LDAP WARNING: Unknown value specified for Auth-Type. Cannot perform requested action.
Because you're not editing the configuration files that the server is reading. Read the debug log. It prints out *which* files it's reading. Compare that list to the files you're editing.
i can tell you when i use radtest with the test55 user directly defined in the users file, it works, also, when I use a unix user in the passwd/shadow files it also works.
Which should be another hint. The "authorize" and "authenticate" sections you posted don't support "unix" authentication. Alan DeKok.