FreeRadius on MacOS X Server

Andreas Hubert ahu at censhare.de
Tue Aug 17 20:01:43 CEST 2010


 Okay sorry again, I tried it completely fresh, with empty logs and debug mode.
This time I don't get the error with missing com.apple.access_radius group on booth servers.
Can anyone see, why who what's the problem and difference between these servers?
They are boot configured the same, Airport has same configuration, client uses same configuration, but if the first server is up, it does not work and if the second server is up it works.
See logs attached.
-2 works
-1 does not work

Am 17.08.10 19:01, schrieb Andreas Hubert:
>  After a bit more investigating, I think I come closer to the problem and can locate it on somewhere with Mac OS X Server Access Control List for services.
> We have a second server here, which is Open Directory Replica and the RADIUS connection with this server works!
> I attach logfile from server1 - radiusd-1.log where I have the problem and server2 - radiusd-2.log where it works.
> So there are two more problems to solve:
> - How to fix this rights problem on server1
> - Why don't I get an IP address by the airport after authenticating with server2? :(
>
> But I guess the freeradius mailinglist is the wrong place for non-radius related problems :(
> Maybe anyone here with more MacOS X Server and Airport/RADIUS experience who may help me?
>
> Am 17.08.10 17:59, schrieb Alan DeKok:
>> Andreas Hubert wrote:
>>>  Like it is always:
>>>
>>> Tue Aug 17 17:42:48 2010 : Auth: rlm_opendirectory: User <ahu> is authorized.
>>> Tue Aug 17 17:42:57 2010 : Error: rlm_eap: No EAP session matching the State variable.
>>> Tue Aug 17 17:44:21 2010 : Auth: rlm_opendirectory: User <ahu> is authorized.
>>> Tue Aug 17 17:44:30 2010 : Error: rlm_eap: No EAP session matching the State variable.
>>   And as always, run the server in debugging mode as suggested in the
>> FAQ, README, "man page", and daily on this list.
>>
>>> Can you please specify how it is all together configured in your environment that it works?
>>   Read the previous responses to your message on this list.  The
>> instructions are there.
>>
>>   Alan DeKok.
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100817/f2163cb8/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radiusd-2.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100817/f2163cb8/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radiusd-1.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100817/f2163cb8/attachment-0001.ksh>


More information about the Freeradius-Users mailing list