problem to authenticate via peap/mschapv2
hi i like to authenticate with my AD over peap/mschapv2... but i become following error... my clients are windowsXP SP2 with SecureW2... my test accesspoint d-link dwl900+ and freeradius 1.0.5 i dont know why they dont send the User-Password... rad_recv: Access-Request packet from host 192.168.13.10:1226, id=16, length=127 User-Name = "wuser" NAS-IP-Address = 192.168.13.10 NAS-Port = 0 Called-Station-Id = "00-80-C8-15-26-66" Calling-Station-Id = "00-0F-B5-E1-90-E6" NAS-Identifier = "numanu" Framed-MTU = 1380 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0201000a017775736572 Message-Authenticator = 0xf332a25b2eaf0c9e25c989631c721dc5 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module "preprocess" returns ok for request 3 modcall[authorize]: module "mschap" returns noop for request 3 rlm_realm: No '@' in User-Name = "wuser", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 3 rlm_eap: EAP packet type response id 1 length 10 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 3 rlm_ldap: Entering ldap_groupcmp() radius_xlat: 'ou=wireless,dc=my,dc=dom' radius_xlat: '(&(sAMAccountname=wuser)(objectClass=person))' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=wireless,dc=my,dc=dom, with filter (&(sAMAccountname=wuser)(objectClass=person)) rlm_ldap: ldap_release_conn: Release Id: 0 radius_xlat: '(|(&(objectClass=GroupOfNames)(member=CN=wuser,OU=wireless,DC=my,DC=dom))(&(objectClass=GroupOfUniqueNames)(uniquemember=CN=wuser,OU=wireless,DC=my,DC=dom)))' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=wireless,dc=my,dc=dom, with filter (&(cn=wireless)(|(&(objectClass=GroupOfNames)(member=CN=wuser,OU=wireless,DC=my,DC=dom))(&(objectClass=GroupOfUniqueNames)(uniquemember=CN=wuser,OU=wirel ss,DC=my,DC=dom)))) rlm_ldap: object not found or got ambiguous search result rlm_ldap: ldap_release_conn: Release Id: 0 rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in CN=wuser,OU=wireless,DC=my,DC=dom, with filter (objectclass=*) rlm_ldap: performing search in CN=wireless,OU=Groups,DC=my,DC=dom, with filter (cn=wireless) rlm_ldap::ldap_groupcmp: User found in group wireless rlm_ldap: ldap_release_conn: Release Id: 0 users: Matched entry DEFAULT at line 218 modcall[authorize]: module "files" returns ok for request 3 rlm_ldap: - authorize rlm_ldap: performing user authorization for wuser radius_xlat: '(&(sAMAccountname=wuser)(objectClass=person))' radius_xlat: 'ou=wireless,dc=my,dc=dom' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=wireless,dc=my,dc=dom, with filter (&(sAMAccountname=wuser)(objectClass=person)) rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user wuser authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 3 modcall: group authorize returns updated for request 3 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 3 rlm_ldap: - authenticate rlm_ldap: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "ldap" returns invalid for request 3 modcall: group Auth-Type returns invalid for request 3 auth: Failed to validate the user. Login incorrect: [wuser] (from client ap port 0 cli 00-0F-B5-E1-90-E6) Delaying request 3 for 1 seconds Finished request 3 Going to the next request --- Walking the entire request list --- Waking up in 1 sec
participants (1)
-
Konne