ldap+freeradius
David N'DAKPAZE
lndakpaze at gmail.com
Tue Mar 24 18:30:55 CET 2009
I've seen it and there it is said that we can use crypt passwords but inmy
case i have an access-reject:
rad_recv: Access-Request packet from host 127.0.0.1 port 58647, id=108,
length=5 7
User-Name = "steve"
User-Password = "xxxxx"
NAS-IP-Address = 172.30.10.71
NAS-Port = 1812
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[suffix] No '@' in User-Name = "steve", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[files] users: Matched entry steve at line 76
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "testing"
[pap] Using CRYPT encryption.
[pap] Passwords don't match
++[pap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> steve
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 108 to 127.0.0.1 port 58647
Waking up in 4.9 seconds.
Cleaning up request 0 ID 108 with timestamp +20
2009/3/24 Nicolas Goutte <nicolas.goutte at extragroup.de>
>
> Am 24.03.2009 um 18:15 schrieb David N'DAKPAZE:
>
> Please which protocol more secure can i use with ldap as database?
>
>
> As I wrote in the email as answer to my email (and an URL I missed to find
> the whole day as answer to your problems), see
> http://deployingradius.com/documents/protocols/compatibility.html
>
> There you have a list of what protocols can be used when you have which
> type of passwords available for freeradius.
>
>
>
>
> 2009/3/24 Nicolas Goutte <nicolas.goutte at extragroup.de>
>
>>
>> Am 24.03.2009 um 18:00 schrieb David N'DAKPAZE:
>>
>> I want to use crypt -passwords (pap) but Idon't know where to define it.
>> Only cleartext-passwords are accepted. Can somebody help me
>>
>>
>> PAP needs cleartext passwords (see
>> http://en.wikipedia.org/wiki/Password_authentication_protocol )
>>
>> Have a nice day!
>>
>>
>>
>> 2009/3/24 <tnt at kalik.net>
>>
>>> >Client RADIUS {
>>> ..
>>>
>>> That should be:
>>>
>>> client RADIUS {
>>> ..
>>>
>>> Ivan Kalik
>>> Kalik Informatika ISP
>>>
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>> Nicolas Goutte
>>
>>
>> extragroup GmbH - Karlsruhe
>> Waldstr. 49
>> 76133 Karlsruhe
>> Germany
>>
>> Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
>> Registergericht: Amtsgericht Münster / HRB: 5624
>> Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
>>
>>
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> Nicolas Goutte
>
>
> extragroup GmbH - Karlsruhe
> Waldstr. 49
> 76133 Karlsruhe
> Germany
>
> Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
> Registergericht: Amtsgericht Münster / HRB: 5624
> Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090324/e12acac4/attachment.html>
More information about the Freeradius-Users
mailing list