Doubt - Freeradius + Ldap
Eduardo Moreira
eduardomoreirars at gmail.com
Fri Nov 5 20:24:17 CET 2010
Thanks john , i install in debian server, default config, apt-get
install ....
Directory is: /etc/freeradius ;
Sorry, im newbie, but before i configure ldap module freeradius work,
after configure ldap module, no way to connect, certain my problem stays
with module ldap, authentication ...
But dont see where ...
Thanks for u reply.
On 11/05/2010 05:17 PM, John Dennis wrote:
> On 11/05/2010 03:06 PM, Phil Mayers wrote:
>> On 11/05/2010 06:47 PM, Eduardo Moreira wrote:
>>> sorry, but where i checked the shared secret? in clients.conf?
>>
>> Yes
>>
>>>
>>> if yes, secret is ok!
>>
>> No it isn't; look at the packet:
>>
>>>> Mon Nov 1 15:06:16 2010 : Debug: Ready to process requests.
>>>> rad_recv: Access-Request packet from host 10.12.60.19 port 50105,
>>>> id=100, length=73
>>>> User-Name = "username"
>>>> User-Password = "c\355W'\021tC\372\177R\232(\007\027n\263"
>>>> NAS-IP-Address = 127.0.1.1
>>>> NAS-Port = 1812
>>>> Framed-Protocol = PPP
>>
>> The User-Password attribute has clearly been decrypted badly; this means
>> you've got the shared secret wrong somewhere.
>
> A common problem for folks who build their own versions of freeradius
> and mix it with a prebuilt version is the "root prefix" is different.
> If you build yourself the $prefix defaults to "/usr/local", but
> (most?) all prebuilt packages use $prefix of "/usr". That means you
> can end up with two copies of your config files (and loads of other
> files).
>
> Carefully look at the debug output of your radiusd -X, it will give
> you the full path of the files it's reading. Make sure the
> clients.conf you're looking at is *exactly* the same one the server is
> *actually* reading. Do this even if you haven't built your own
> package, just for sanity sake.
>
More information about the Freeradius-Users
mailing list