Nübie
Javier Basisty
javier.basisty at corp.terra.com.ar
Fri Jan 4 22:09:05 CET 2008
Hi list, I really need help. I'm trying to use pppoe-server + Freeradius +
OpenLDAP. My problem is Freeradius + LDAP. I followed the manual, step
by step, but it doesn't work.
My radius.conf is:
ldap {
        server = "127.0.0.1"
        basedn = "dc=PPP,dc=cicomsa"
        filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
        # base_filter = "(objectclass=radiusprofile)"
        start_tls = no
        #access_attr = "dialupAccess"
        dictionary_mapping = ${raddbdir}/ldap.attrmap
        ldap_connections_number = 5
        #password_header = "{clear}"
        password_attribute = "userPassword"
        edir_account_policy_check=no
        # groupname_attribute = cn
        # groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
        # groupmembership_attribute = radiusGroupName
        timeout = 4
        timelimit = 3
        net_timeout = 1
        # compare_check_items = yes
        # do_xlat = yes
        # access_attr_used_for_allow = yes
        # set_auth_type = yes
}
authorize {
        ldap
}
authenticate {
        Auth-Type LDAP {
                ldap
        }
}
And my LDIF schema is:
dn: uid=pepe,ou=People,dc=PPP,dc=cicomsa
structuralObjectClass: account
objectClass: top
objectClass: account
objectClass: posixAccount
cn: pepe
uid: pepe
userPassword: 123
uidNumber: 1001
gidNumber: 1024
homeDirectory: /home/pepe1
loginShell: /bin/bash
When I try to test the RADIUS server I get this problem:
[root@tna-080 javier.basisty]# radtest pepe 123 127.0.0.1:0 1 testing123
Sending Access-Request of id 131 to 127.0.0.1 port 1812
        User-Name = "pepe"
        User-Password = "123"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1
Re-sending Access-Request of id 131 to 127.0.0.1 port 1812
        User-Name = "pepe"
        User-Password = "123"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=131, length=20
[root@tna-080 javier.basisty]#
And the log is:
Fri Jan 4 15:11:53 2008 : Info: Using deprecated naslist file. Support for this will go away soon.
Fri Jan 4 15:11:53 2008 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Fri Jan 4 15:11:54 2008 : Info: Ready to process requests.
Fri Jan 4 15:11:59 2008 : Error: rlm_ldap: could not set LDAP_OPT_X_TLS_REQUIRE_CERT option to allow
Fri Jan 4 15:11:59 2008 : Auth: Login incorrect: [pepe/123] (from client localhost port 2)
Is there something missing? Where is my error? Is the LDIF wrong or the
config file? Please, if somebody can send me a tutorial I will be glad!
Regards