No subject
John
elmer_radius at yahoo.com.cn
Thu Sep 2 06:45:21 CEST 2010
Hi all, We upgrade freeradius from 1.1.6 to 2.1.18 recently. Looks 2.1.8 will reply a Access-Reject when [ldap] return fail, but 1.1.6 is just keep silence. Is there a way to let 2.1.8 reply nothing in the case?
Listening on authentication address * port 1812
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 10.155.20.85 port 32770, id=182, length=130
Service-Type = Authorize-Only
NAS-Port-Type = Wireless-802.11
User-Name = "test2008"
MS-CHAP-Challenge = 0x766bb4f5ae93e28b4630b8fbc674e137
MS-CHAP2-Response = 0x3700e851effcf3aa3f7731204ca90dcbd98300000000000000006c9248ca4d87e72d0b4a91dbd2672bb1f8f5b725187953ff
NAS-IP-Address = 10.155.20.85
+- entering group authorize {...}
++[chap] returns noop
[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
++[mschap] returns ok
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[ldap] performing user authorization for test2008
[ldap] expand: (sAMAccountName=%{mschap:User-Name}) -> (sAMAccountName=test2008)
[ldap] expand: OU=Domain Controllers,dc=aero-hz,dc=cn -> OU=Domain Controllers,dc=aerohive-hz,dc=cn
[ldap] ldap_get_conn: Checking Id: 0
[ldap] ldap_get_conn: Got Id: 0
[ldap] attempting LDAP reconnection
[ldap] (re)connect to 10.155.3.2:389, authentication 0
[ldap] bind as hhe at aero-hz.cn/w200h to 10.155.3.2:389
[ldap] hhe at aero-hz.cn bind to 10.155.3.2:389 failed: Can't contact LDAP server
[ldap] (re)connection attempt failed
[ldap] search failed
[ldap] ldap_release_conn: Release Id: 0
++[ldap] returns fail
Sending Access-Reject of id 182 to 10.155.20.85 port 32770
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 182 with timestamp +10
Ready to process requests.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100902/e8fd6b82/attachment.html>
More information about the Freeradius-Users
mailing list