ldap+freeradius

David N'DAKPAZE lndakpaze at gmail.com
Tue Mar 24 18:30:55 CET 2009


I've seen it and there it is said that we can use crypt passwords but inmy
case i have an access-reject:

rad_recv: Access-Request packet from host 127.0.0.1 port 58647, id=108,
length=5                                             7
        User-Name = "steve"
        User-Password = "xxxxx"
        NAS-IP-Address = 172.30.10.71
        NAS-Port = 1812
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[suffix] No '@' in User-Name = "steve", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[files] users: Matched entry steve at line 76
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "testing"
[pap] Using CRYPT encryption.
[pap] Passwords don't match
++[pap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> steve
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 108 to 127.0.0.1 port 58647
Waking up in 4.9 seconds.
Cleaning up request 0 ID 108 with timestamp +20


2009/3/24 Nicolas Goutte <nicolas.goutte at extragroup.de>

>
>  Am 24.03.2009 um 18:15 schrieb David N'DAKPAZE:
>
>  Please which protocol more secure can i use with ldap as database?
>
>
> As I wrote in the email as answer to my email (and an URL I missed to find
> the whole day as answer to your problems), see
> http://deployingradius.com/documents/protocols/compatibility.html
>
> There you have a list of what protocols can be used when you have which
> type of passwords available for freeradius.
>
>
>
>
> 2009/3/24 Nicolas Goutte <nicolas.goutte at extragroup.de>
>
>>
>>  Am 24.03.2009 um 18:00 schrieb David N'DAKPAZE:
>>
>> I want to use crypt -passwords (pap) but Idon't know where to define it.
>> Only cleartext-passwords are accepted. Can somebody help me
>>
>>
>> PAP needs cleartext passwords (see
>> http://en.wikipedia.org/wiki/Password_authentication_protocol )
>>
>> Have a nice day!
>>
>>
>>
>> 2009/3/24 <tnt at kalik.net>
>>
>>> >Client RADIUS {
>>> ..
>>>
>>> That should be:
>>>
>>> client RADIUS {
>>>  ..
>>>
>>> Ivan Kalik
>>> Kalik Informatika ISP
>>>
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>>  Nicolas Goutte
>>
>>
>> extragroup GmbH - Karlsruhe
>> Waldstr. 49
>> 76133 Karlsruhe
>> Germany
>>
>> Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
>> Registergericht: Amtsgericht Münster / HRB: 5624
>> Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
>>
>>
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>  Nicolas Goutte
>
>
> extragroup GmbH - Karlsruhe
> Waldstr. 49
> 76133 Karlsruhe
> Germany
>
> Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
> Registergericht: Amtsgericht Münster / HRB: 5624
> Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090324/e12acac4/attachment.html>


More information about the Freeradius-Users mailing list