User-Password required Authentication problem

Ivan Kalik tnt at
Thu Aug 28 22:20:54 CEST 2008

Well, I would follow documentation and recompile with that option. It's
hard to imagine facts will change without it.

Again Auth-Type will be set if password is located in ldap, so that
won't work either.

Ivan Kalik
Kalik Informatika ISP

Dana 28/8/2008, "Syed Anwarul Hasan" <syedanwarulhasan2007 at>

>Ivan , I have build the free radius on SLES 10 SP2 without e-directory
>option. And also in ldap module, it is uncommented by default with value
>e-dir_account_policy_check=no.So by default the Novell e-dir check is
>disabled and further in the module I have uncommented the set_auth_type=yes
>which is by default do LDAP binding for Authentication for Radius Pkts with
>User-Password.So I have tried with these options. I am not knowing exactly
>where I am going wrong.
>Please comment.
>On Thu, Aug 28, 2008 at 1:37 PM, Ivan Kalik <tnt at> wrote:
>> Hm, that should work (password was found):
>> >rlm_ldap: - authorize
>> >rlm_ldap: performing user authorization for thales
>> >WARNING: Deprecated conditional expansion ":-".  See "man unlang" for
>> >details
>> >        expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=hasan)
>> >        expand: dc=thales,dc=com -> dc=thales,dc=com
>> >rlm_ldap: ldap_get_conn: Checking Id: 0
>> >rlm_ldap: ldap_get_conn: Got Id: 0
>> >rlm_ldap: attempting LDAP reconnection
>> >rlm_ldap: (re)connect to, authentication 0
>> >rlm_ldap: bind as cn=Administrator,dc=thales,dc=com/thales to
>> >rlm_ldap: waiting for bind result ...
>> >rlm_ldap: Bind was successful
>> >rlm_ldap: performing search in dc=thales,dc=com, with filter (uid=hasan)
>> >rlm_ldap: checking if remote access for thales is allowed by uid
>> >rlm_ldap: Added User-Password = thales in check items
>> >rlm_ldap: No default NMAS login sequence
>> >rlm_ldap: looking for check items in directory...
>> >rlm_ldap: LDAP attribute userPassword as RADIUS attribute User-Password ==
>> >"thales"
>> >rlm_ldap: looking for reply items in directory...
>> >rlm_ldap: user  authorized to use remote access
>> >rlm_ldap: ldap_release_conn: Release Id: 0
>> >++[ldap] returns ok
>> but:
>> >rlm_ldap: No default NMAS login sequence
>> eDirectory? It might need additional settings. Have a look at
>> edir_account_policy_check in ldap module and see if that has been set
>> properly.
>> Ivan Kalik
>> Kalik Informatika ISP
>> -
>> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list