FreeRadius and Openldap authentication
Zoltan A. Ori
z.ori at morehead-st.edu
Mon Jan 2 12:50:53 CET 2006
On Monday 02 January 2006 05:46, rwakim at mind-techno.fr wrote:
> Here is my problem:
>
> When I start the radtest binary:
>
> radtest "test" "supersecret" localhost 2 testing123
>
> rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=45,
> length=20
>
You have set your server to do EAP. radtest does not do EAP use radeapclient
for testing.
>
> Here is the log on the radius server (Started with radiusd -X):
>
> rlm_ldap: looking for reply items in directory...
> rlm_ldap: Adding radiusFilterId as Filter-Id, value
> Enterasys:version=1:policy=Enterprise User & op=11
> rlm_ldap: user test authorized to use remote access
> rlm_ldap: ldap_release_conn: Release Id: 0
> modcall[authorize]: module "ldap" returns ok for request 3
> modcall: group authorize returns ok for request 3
LDAP seems to be working.
> The RADIUS users file:
>
> DEFAULT Auth-Type := EAP
> Fall-Through = 1
> # Reply-Message = "LDAP"
>
>
>
Don't set Auth-Type in the users file. Let the server figure it out.
> I would be grateful if you had a how-to or tutorial on how to build a
> easy and working 802.x authentication with a Radius/LDAP system.
Documentation and how-tos are available in your source doc directory,
www.freeradius.org and wiki.freeradius.org.
Zoltan Ori
More information about the Freeradius-Users
mailing list