Pop3 and LDAP authentication...Multiple radius servers

Eric Martell workoutexcite at yahoo.com
Tue Aug 26 17:28:57 CEST 2008 

Here is the entire log.

rad_recv: Access-Request packet from host 167.206.23.94:1054, id=14, length=59
        User-Name = "testaccount at xyz.net"
        User-Password = "test"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: Looking up realm "xyz.net" for User-Name = "testaccount at xyz.net"
    rlm_realm: Found realm "xyz.net"
    rlm_realm: Adding Stripped-User-Name = "testaccount"
    rlm_realm: Proxying request from user testaccount to realm xyz.net
    rlm_realm: Adding Realm = "xyz.net"
    rlm_realm: Preparing to proxy authentication request to realm "xyz.net" 
  modcall[authorize]: module "suffix" returns updated for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
    users: Matched entry DEFAULT at line 75
    users: Matched entry DEFAULT at line 180
    users: Matched entry DEFAULT at line 184
  modcall[authorize]: module "files" returns ok for request 0
modcall: entering group group for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for testaccount
radius_xlat:  '(uid=testaccount)'
radius_xlat:  'dc=test1,dc=net,o=internet'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to test1dir.net:389, authentication 0
rlm_ldap: bind as uid=mmpProxy,o=internet/MMPzzzz to test1dir.net:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in dc=test1,dc=net,o=internet, with filter (uid=testaccount)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap1" returns notfound for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for testaccount
radius_xlat:  '(&(uid=testaccount)(entitlements=WIFILOC1))'
radius_xlat:  'ou=roles,o=entitlement'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to ldap://asdadasdt:389, authentication 0
rlm_ldap: bind as uid=appuser,ou=appadm,o=entitlement/Paadaad to ldap://adasdasdas:389
rlm_ldap: uid=appuser,ou=appadm,o=entitlement bind to ldap://vadsdsdsad:389 failed: Can't contact LDAP server
rlm_ldap: (re)connection attempt failed
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap2" returns fail for request 0
modcall: group group returns reject for request 0
modcall: group authorize returns reject for request 0
Invalid user (rlm_ldap: User not found): [testaccount at xyz.net] (from client adasdas port 0)
Cancelling proxy as request was already rejected
Request 0 rejected in proxy_send.
Server rejecting request 0.
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 14 to 167.206.23.94:1054
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 14 with timestamp 48b41aaf
Nothing to do.  Sleeping until we see a request.



--- On Tue, 8/26/08, Alan DeKok <aland at deployingradius.com> wrote:
From: Alan DeKok <aland at deployingradius.com>
Subject: Re: Pop3 and LDAP authentication...Multiple radius servers
To: workoutexcite at yahoo.com, "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Date: Tuesday, August 26, 2008, 11:13 AM

Eric Martell wrote:
> I am sending request thru radclient on radiusa. But for some reason the
> request does not get proxied to radiusb.
> 
> This is the radius -X log.

  You've edited it so that most of it is missing.

  i.e. the part where it either decides to proxy, or to authenticate
locally.

  Alan DeKok.



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080826/3d8fcf63/attachment.html>

More information about the Freeradius-Users mailing list