groupcmp fails during tunneled request
Ivan Kalik
tnt at kalik.net
Tue Apr 28 16:41:22 CEST 2009
> I'm having an issue with the group check (ldap_groupcmp).
>
> Everything is fine until the request is tunnelled, and I can't find out
> why my user is rejected there....
> It seems that he ends in this section during this phase:
> DEFAULT Ldap-Group == BANNED , Auth-Type := Reject
> Reply-Message = "Account disabled. Please call the helpdesk."
>
No. That didn't match.
> Tue Apr 28 11:42:35 2009 : Debug: rlm_ldap::groupcmp: Group BANNED not
> found or user not a member
See.
> Tue Apr 28 11:42:35 2009 : Debug: rlm_ldap: ldap_release_conn: Release Id:
> 0
> Tue Apr 28 11:42:35 2009 : Info: [files] users: Matched entry DEFAULT at
> line 15
But something else did. What is on line 15 in users file?
> Tell me if you need more debug output...
We do. This doesn't show anything. Post the debug with whole inner tunnel
exchange.
> It was working perfectly before I introduced the group check using the
> huntgroups.
>
Huntgroups?
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list