FreeRadius - LDAP

m4xmr m.tommasi at
Wed Jul 20 10:07:44 CEST 2011

I'm trying to make working LDAP as authentication backend for RADIUS.
I verified that the data are right and the query to LDAP is properly working
if I use ldapsearch.
I experience this "rad_recv: Access-Reject packet from host,
id=78, length=20" when I try from radtest ...

This is the output of radiusd in debug-mode:

rad_recv: Access-Request packet from host, id=78, length=60
        User-Name = "ldapuser"
        User-Password = "121212"
        NAS-IP-Address =
        NAS-Port = 2
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
  modcall[authorize]: module "chap" returns noop for request 2
rlm_ldap: - authorize
rlm_ldap: performing user authorization for ldapuser
radius_xlat:  '(uid=ldapuser)'
radius_xlat:  'dc=example,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=example,dc=com, with filter (uid=ldapuser)
rlm_ldap: Added password 121212  in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: Setting Auth-Type = ldap
rlm_ldap: user ldapuser authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 2
modcall: leaving group authorize (returns ok) for request 2
  rad_check_password:  Found Auth-Type ldap
auth: type "LDAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group LDAP for request 2
rlm_ldap: - authenticate
rlm_ldap: login attempt by "ldapuser" with password "121212"
rlm_ldap: user DN: uid=ldapuser,ou=People,dc=example,dc=com
rlm_ldap: (re)connect to localhost:389, authentication 1
rlm_ldap: bind as uid=ldapuser,ou=People,dc=example,dc=com/121212 to
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind failed with invalid credentials
  modcall[authenticate]: module "ldap" returns reject for request 2
modcall: leaving group LDAP (returns reject) for request 2
auth: Failed to validate the user.
Login incorrect (rlm_ldap: Bind as user failed): [ldapuser] (from client
localhost port 2)
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...

I hope, someone could help me... I'm totally in stuck.


View this message in context:
Sent from the FreeRadius - User mailing list archive at

More information about the Freeradius-Users mailing list