No authenticate method (Auth-Type) found
Isabelle RECH
isabelle.rech-le-recis at enssib.fr
Tue Aug 31 11:55:34 CEST 2010
Hi Alan,
I've found the reason why the rlm_ldap module
was not loaded.
Now it's a little better, but now the LDAP
can't authenticate my account:
Below is the new output when running
radtest: /usr/bin/radtest -d /etc/freeradius "ldap" "xxxx"
127.0.0.1:1812 10 testing123:
rad_recv: Access-Request packet from host 127.0.0.1 port 36154, id=158,
length=56
User-Name = "ldap"
User-Password = "xxxx"
NAS-IP-Address = 192.168.55.150
NAS-Port = 10
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '/' in User-Name = "ldap", looking up realm NULL
rlm_realm: No such realm "NULL"
++[IPASS] returns noop
rlm_realm: No '@' in User-Name = "ldap", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
++[files] returns noop
++[unix] returns notfound
rlm_ldap: - authorize
rlm_ldap: performing user authorization for ldap
expand: (sAMAccountName=%u) -> (sAMAccountName=ldap)
expand: dc=privee,dc=enssib,dc=fr -> dc=privee,dc=enssib,dc=fr
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to servcdom.privee.enssib.fr:389, authentication 0
rlm_ldap: bind as cn=ldap,cn=users,dc=privee,dc=enssib,dc=fr/xxxx to
servcdom.privee.enssib.fr:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in dc=privee,dc=enssib,dc=fr, with filter
(sAMAccountName=ldap)
rlm_ldap: ldap_search() failed: Operations error
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns fail
Invalid user: [ldap/toti] (from client localhost port 10)
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> ldap
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 158 to 127.0.0.1 port 36154
Waking up in 4.9 seconds.
Cleaning up request 0 ID 158 with timestamp +206
Ready to process requests.
I've noticed that the account 'ldap' binds successfully to the LDAP,
but the connecting step fails.
Thanks for any answer.
Isabelle RECH LE RECIS
Enssib
Département informatique
17-21 Bd du 11 Novembre 1918
69623 Villeurbanne Cedex
Tel : 04 72 44 43 34
http://www.enssib.fr/
__________________________________
Le 24/08/2010 16:09, Alan DeKok a écrit :
> Isabelle RECH wrote:
>
>> Hi free-radius users!
>>
>> I'm running freeradius 2.0.4 on DEBIAN 5.0.5.
>> We want to access an LDAP / Windows base, which is declared
>> in the radiusd.conf file.
>>
>> Below is the output produced by the radiusd -X debugging mode
>> when I run the radtest :
>>
> ...
>
>> Obviously, it's the authenticate method which
>> is missing. I've added this entry in
>> /etc/freeradius/sites-available/default:
>> - The entries ldap pap are uncommented in Authorize { } section
>>
> Read the debug output again. You did *not* uncomment the "ldap" line
> in the "authorize" section.
>
> Alan DeKok.
>