problem configuring freeradius with ldap user database
Sambuddho Chakravarty
sc2516 at columbia.edu
Sat Jun 14 17:30:01 CEST 2008
Hello Alan
Thanks a lot! Ill check this out.
Sambuddho
On Sat, 2008-06-14 at 09:22 +0200, Alan DeKok wrote:
> Sambuddho Chakravarty wrote:
> > I am experiencing a problem while trying to authenticate the
> > username/password in LDAP through a freeradius server. While a regular
> > telnet/ssh to the edge running a openLdap client / PAM module works fine
> > (It is able to authenticate) but the problem arises when trying to
> > authenticate using the freeradius server .
> >
> > This is what the log message looks like :
> >
> > User-Name = "try"
> > User-Password = "trialanderror"
> > NAS-IP-Address = 127.0.0.1
> ...
> > rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter
> > (uid=try)
> > rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in
> > check items
>
> If you do NOTHING more than configure "ldap" in the default
> configuration, this should work.
>
> > modcall[authorize]: module "ldap" returns ok for request 0
> > modcall: group authorize returns ok for request 0
>
> You're not using 2.0, and you've edited the default configuration. DO
> use a recent version. DON'T edit the configuration to re-arrange the
> modules in the "authorize" section.
>
> > Here you can see that the authorization of a user 'try' having password
> > 'trialanderror' works fine but authentication fails. The host running
> > the freeradius server is Fedora Core 5 running linux 2.6.25.
>
> The OS doesn't matter. The version of FreeRADIUS does.
>
> It seems you're using 1.1.x. You should at LEAST upgrade to 1.1.7.
> Then, un-comment the references to LDAP, and configure the LDAP module.
> The test WILL work.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list