FreeRadius and Redundant LDAP Problems
Alan DeKok
aland at deployingradius.com
Sat Aug 14 01:08:32 CEST 2010
Kory Wheatley wrote:
> Was un-commented and below is the output from trying to authenticate a
> user that is a member of the DialupFS group and does not have an account
> in /etc/passwd. For some reason it is falling though to PAP and saying
> "No authenticate method (Auth-Type) configuration found for the request:".
Because of an earlier error, which you ignored:
> [ldap-server1] looking for check items in directory...
> [ldap-server1] looking for reply items in directory...
> WARNING: No "known good" password was found in LDAP. Are you sure that
> the user is configured correctly?
The LDAP query did not return a "known good" password. So the user
cannot be authenticated.
> This behavior only started when I tried to implement redundant ldap
> servers and in the users file having DEFAULT LDAP Groups for each LDAP
> module.
I have no idea what that means.
> If I do not use the redundant LDAP servers and just place both LDAP
> servers in the LDAP module like this it works correctly:
>
> server ="server1.somedomain.com, server2.somedomain.com "
Since you haven't explained what you put in the "users" file entry, it
is difficult to know what was misconfigured.
Alan DeKok.
More information about the Freeradius-Users
mailing list