Need help Configuring Radius and Ldap

James Winter james.winter at saintjoe.edu
Fri Dec 3 17:39:22 CET 2010


My apologies before hand if this is an easy fix, but I have been  
working on configuring a radius server on and off now for a few weeks.  
As a note, I have Radius 2.1.10 installed and I am trying to  
authenticate using Ldap as the user database. I have little to no  
experience in both Radius and Ldap, but I have been reading up and  
looking for documents that explain the process well. The majority of  
documents that I did find were on an older version of radius, or were  
not pertinent to my situation. The following is a copy of my screen  
when I try authenticating a remote device to the radius server, please  
let me know if this helps(or if you would like more information on my  
config)


Thanks in advance,

- James

# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
[files] users: Matched entry DEFAULT at line 58
++[files] returns ok
[ldap] performing user authorization for jwn6657
[ldap] 	expand: (samaccountname=%{User-Name}) ->  
(samaccountname=jwn6657)
[ldap] 	expand: cn=Users,dc=ds,dc=saintjoe,dc=edu ->  
cn=Users,dc=ds,dc=saintjoe,dc=edu
  [ldap] ldap_get_conn: Checking Id: 0
  [ldap] ldap_get_conn: Got Id: 0
  [ldap] performing search in cn=Users,dc=ds,dc=saintjoe,dc=edu, with  
filter (samaccountname=jwn6657)
[ldap] looking for check items in directory...
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP.  Are you sure  
that the user is configured correctly?
[ldap] user jwn6657 authorized to use remote access
  [ldap] ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.   
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = ntlm_auth
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group ntlm_auth {...}
[2010/12/03 10:14:58.799575,  1] param/loadparm.c:6494(map_parameter)
  Unknown parameter encountered: "idmap domains"
[2010/12/03 10:14:58.799645,  0] param/loadparm.c:7588(lp_do_parameter)
  Ignoring unknown parameter "idmap domains"
[2010/12/03 10:14:58.799870,  1] param/loadparm.c:6494(map_parameter)
  Unknown parameter encountered: "master browser"
[2010/12/03 10:14:58.799883,  0] param/loadparm.c:7588(lp_do_parameter)
  Ignoring unknown parameter "master browser"
Exec-Program output: NT_STATUS_OK: Success (0x0)
Exec-Program-Wait: plaintext: NT_STATUS_OK: Success (0x0)
Exec-Program: returned: 0
++[ntlm_auth] returns ok
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 186 to 131.93.254.2 port 4844
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 3 ID 186 with timestamp +452
Ready to process requests.




More information about the Freeradius-Users mailing list