No "known good" in ldap authorizes?
I've got something odd happening. I'm using freeradius and it's ldap module to authenticate/ authorize users for a l2tp vpn connection. Works (mostly) fine, except for some odd timeout issues I'll cover elsewhere (see following post re: LDAP timeouts). Valid users with valid passwords connect, other combinations don't (valid user,. invalid password, invalid user with invalid password,etc.) But i see this in the log when running with radiusd -X: [ldap] looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? [ldap] user test_user authorized to use remote access ? Rick
freeradius@corwyn.net wrote:
But i see this in the log when running with radiusd -X:
[ldap] looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly?
It means that the LDAP search returned nothing. What happens if you try the same user again? Do you get the same thing, or does it now find a password? Alan DeKok.
At 02:50 AM 1/20/2010, Alan DeKok wrote:
freeradius@corwyn.net wrote:
But i see this in the log when running with radiusd -X:
[ldap] looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly?
It means that the LDAP search returned nothing. What happens if you try the same user again? Do you get the same thing, or does it now find a password?
I get the same thing. Note that the first and second time the user is permitted to log in. Rick
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (2)
-
Alan DeKok -
freeradius@corwyn.net