problem with LDAP backend
Frank Bonnet
f.bonnet at esiee.fr
Wed Aug 31 17:02:32 CEST 2011
Hello
Still trying to use freeradius with chillispot I still have problems
I'm trying to use mixed authentication
MAC addresses for some video devices in the "users" file
as follows :
00-06-F4-0D-08-66 Auth-Type := Local, User-Password == "xxxxxxxx"
Framed-IP-Address = 192.168.182.213,
Fall-Through = Yes
LDAP backend for "real" users at the end of the "users" file I have this
statement
DEFAULT Auth-Type = LDAP
Fall-Through = 1
This configuration were working well on a very old debian machine which
died suddenly
When I try to access the the chilli portal it ask radius for authentication
but it dows not work. See below the debug trace of radius daemon.
Help greatly appreciated, thank you.
Wed Aug 31 16:52:39 2011 : Debug: Processing the authorize section of
radiusd.conf
Wed Aug 31 16:52:39 2011 : Debug: modcall: entering group authorize for
request 15
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: calling
preprocess (rlm_preprocess) for request 15
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 15
Wed Aug 31 16:52:39 2011 : Debug: modcall[authorize]: module
"preprocess" returns ok for request 15
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 15
Wed Aug 31 16:52:39 2011 : Debug: rlm_eap: No EAP-Message, not doing EAP
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: returned from
eap (rlm_eap) for request 15
Wed Aug 31 16:52:39 2011 : Debug: modcall[authorize]: module "eap"
returns noop for request 15
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: calling files
(rlm_files) for request 15
Wed Aug 31 16:52:39 2011 : Debug: users: Matched entry DEFAULT at
line 398
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: returned from
files (rlm_files) for request 15
Wed Aug 31 16:52:39 2011 : Debug: modcall[authorize]: module "files"
returns ok for request 15
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: calling ldap
(rlm_ldap) for request 15
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: - authorize
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: performing user
authorization for xxxxxxxx
Wed Aug 31 16:52:39 2011 : Debug: radius_xlat: '(uid=xxx)'
Wed Aug 31 16:52:39 2011 : Debug: radius_xlat: 'ou=Users,dc=esiee,dc=fr'
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: performing search in
ou=Users,dc=esiee,dc=fr, with filter (uid=hrazdira)
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: checking if remote access
for xxxxxxxx is allowed by uid
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: looking for check items in
directory...
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: looking for reply items in
directory...
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: user xxxxxxxx authorized to
use remote access
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: returned from
ldap (rlm_ldap) for request 15
Wed Aug 31 16:52:39 2011 : Debug: modcall[authorize]: module "ldap"
returns ok for request 15
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: calling pap
(rlm_pap) for request 15
Wed Aug 31 16:52:39 2011 : Debug: rlm_pap: WARNING! No "known good"
password found for the user. Authentication may fail because of this.
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authorize]: returned from
pap (rlm_pap) for request 15
Wed Aug 31 16:52:39 2011 : Debug: modcall[authorize]: module "pap"
returns noop for request 15
Wed Aug 31 16:52:39 2011 : Debug: modcall: leaving group authorize
(returns ok) for request 15
Wed Aug 31 16:52:39 2011 : Debug: rad_check_password: Found Auth-Type
LDAP
Wed Aug 31 16:52:39 2011 : Debug: auth: type "LDAP"
Wed Aug 31 16:52:39 2011 : Debug: Processing the authenticate section
of radiusd.conf
Wed Aug 31 16:52:39 2011 : Debug: modcall: entering group authenticate
for request 15
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authenticate]: calling
ldap (rlm_ldap) for request 15
Wed Aug 31 16:52:39 2011 : Debug: rlm_ldap: - authenticate
Wed Aug 31 16:52:39 2011 : Auth: rlm_ldap: Attribute "User-Password" is
required for authentication. Cannot use "CHAP-Password".
Wed Aug 31 16:52:39 2011 : Debug: modsingle[authenticate]: returned
from ldap (rlm_ldap) for request 15
Wed Aug 31 16:52:39 2011 : Debug: modcall[authenticate]: module "ldap"
returns invalid for request 15
Wed Aug 31 16:52:39 2011 : Debug: modcall: leaving group authenticate
(returns invalid) for request 15
Wed Aug 31 16:52:39 2011 : Debug: auth: Failed to validate the user.
Wed Aug 31 16:52:39 2011 : Debug: Delaying request 15 for 1 seconds
Wed Aug 31 16:52:39 2011 : Debug: Finished request 15
Wed Aug 31 16:52:39 2011 : Debug: Going to the next request
Wed Aug 31 16:52:39 2011 : Debug: --- Walking the entire request list ---
More information about the Freeradius-Users
mailing list