Freeradius Ldap
Cris Boisvert
cris at usai.net
Fri Sep 23 21:59:58 CEST 2005
I'm setting up freeradius to talk to a Ipswitch Imail server for
authetication.
Just needs to do the basic User Pass... Ok.
LDAP Server is 192.168.77.6 (this is all private testing) (the imail
server)
Domain on the server is pork.com
A snippet of the config.
-----------------------------------------------
ldap {
server = "192.168.77.6"
#identity = "cn=root,o=My Org,c=UA"
#password = test1234
basedn = "o=My Org,c=UA"
#filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
# base_filter = "(objectclass=radiusprofile)"
# set this to 'yes' to use TLS encrypted connections
______________----------------------------------------------
I suspect that I'm having a problem with the Basedn.. On the imail server
the LDAP user and pass is
Root and test1234
The actual mail account that I'm trying to autorize against is test at pork.com
pass test
Below is a Cut form radiusd -X debug..
Anyone have any reccomendations>?
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type LDAP
auth: type "LDAP"
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: login attempt by "test at pork.com" with password "test"
radius_xlat: '(uid=test at pork.com)'
radius_xlat: 'o=My Org,c=UA'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 192.168.77.6:389, authentication 0
rlm_ldap: bind as / to 192.168.77.6:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in o=My Org,c=UA, with filter
(uid=test at pork.com)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authenticate]: module "ldap" returns notfound for request 0
modcall: group Auth-Type returns notfound for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 37 to 192.168.77.6:2686
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 37 with timestamp 43345c56
Nothing to do. Sleeping until we see a request.
More information about the Freeradius-Users
mailing list