LDAP auth success / User reject
Michael Arndt
michael.arndt at berlin.de
Thu Nov 18 15:09:07 CET 2010
Alan,
>Use "-X". You've added an additional "-x", which makes the output harder to read.
ok, understood, attached below
> Thu Nov 18 11:20:52 2010 : Debug: rad_check_password: Found Auth-Type Reject
> Thu Nov 18 11:20:52 2010 : Debug: rad_check_password: Auth-Type = Reject, rejecting user
Well... something is setting that. Go find out what, and fix it.
any hints, how to proceed to debug from where the "Reject" for rad_check_passwd is caused ?
I checked ldap atributes and verified correctness of user passwd for simple bind with ldapsearch
So i at last have exluded trivial errors like testing with a dn or wrong user password
But now i d not see how to trace why the radius request comes back with reject
lm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in l=Stadt,dc=de,o=Organisation, with filter (uid=test1)
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: Setting Auth-Type = ldap
rlm_ldap: user test11 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched entry DEFAULT at line 4
modcall[authorize]: module "files" returns ok for request 0
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 0
modcall: leaving group authorize (returns ok) for request 0
rad_check_password: Found Auth-Type Reject
rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Login incorrect: [test1/testpass] (from client wlanhsp port 0 cli 00:1e:c2:a3:4d:b3)
TIA
Micha
More information about the Freeradius-Users
mailing list