User-Password required Authentication problem

Syed Anwarul Hasan syedanwarulhasan2007 at gmail.com
Thu Aug 28 14:50:55 CEST 2008


Ivan , I have build the free radius on SLES 10 SP2 without e-directory
option. And also in ldap module, it is uncommented by default with value
e-dir_account_policy_check=no.So by default the Novell e-dir check is
disabled and further in the module I have uncommented the set_auth_type=yes
which is by default do LDAP binding for Authentication for Radius Pkts with
User-Password.So I have tried with these options. I am not knowing exactly
where I am going wrong.
Please comment.

Regards,
SYED



On Thu, Aug 28, 2008 at 1:37 PM, Ivan Kalik <tnt at kalik.net> wrote:

> Hm, that should work (password was found):
>
> >rlm_ldap: - authorize
> >rlm_ldap: performing user authorization for thales
> >WARNING: Deprecated conditional expansion ":-".  See "man unlang" for
> >details
> >        expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=hasan)
> >        expand: dc=thales,dc=com -> dc=thales,dc=com
> >rlm_ldap: ldap_get_conn: Checking Id: 0
> >rlm_ldap: ldap_get_conn: Got Id: 0
> >rlm_ldap: attempting LDAP reconnection
> >rlm_ldap: (re)connect to 127.0.0.1:389, authentication 0
> >rlm_ldap: bind as cn=Administrator,dc=thales,dc=com/thales to
> 127.0.0.1:389
> >rlm_ldap: waiting for bind result ...
> >rlm_ldap: Bind was successful
> >rlm_ldap: performing search in dc=thales,dc=com, with filter (uid=hasan)
> >rlm_ldap: checking if remote access for thales is allowed by uid
> >rlm_ldap: Added User-Password = thales in check items
> >rlm_ldap: No default NMAS login sequence
> >rlm_ldap: looking for check items in directory...
> >rlm_ldap: LDAP attribute userPassword as RADIUS attribute User-Password ==
> >"thales"
> >rlm_ldap: looking for reply items in directory...
> >rlm_ldap: user  authorized to use remote access
> >rlm_ldap: ldap_release_conn: Release Id: 0
> >++[ldap] returns ok
>
> but:
>
> >rlm_ldap: No default NMAS login sequence
>
> eDirectory? It might need additional settings. Have a look at
> edir_account_policy_check in ldap module and see if that has been set
> properly.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080828/7e219ba9/attachment.html>


More information about the Freeradius-Users mailing list