freeraduis LDAP error

dhanushka ranasinghe parakrama1282 at gmail.com
Fri May 4 09:35:55 CEST 2012 

Hi...guys...

with the blow configuration .....in  user file


DEFAULT Ldap-Group == "cn=employees,ou=group,dc=ldap,dc=home,dc=com",
Auth-Type := PAP
 Reply-Message = "You are Accepted"

DEFAULT Auth-Type := Reject


I test the radius access from command line  , by entering wrong
password [1] and correct password [2] .., in that case radius respond
fine, Issue only occurs [3] when   access via ubuntu machine
(WPAsupplicant) ...

eg --
1) radtest  username  wrong-password  192.168.0.63  1812 testing123

Sending Access-Request of id 176 to 192.168.0.63 port 1812
	User-Name = "dhanushkar at wso2.com"
	User-Password = "dcn05c4-128222"
	NAS-IP-Address = 192.168.0.60
	NAS-Port = 1812
rad_recv: Access-Reject packet from host 192.168.0.63 port 1812,
id=176, length=38


2) radtest username  correct-password 192.168.0.63  1812 testing123

Sending Access-Request of id 167 to 192.168.0.63 port 1812
	User-Name = "dhanushkar at wso2.com"
	User-Password = "dcn05c4-1282"
	NAS-IP-Address = 192.168.0.60
	NAS-Port = 1812
rad_recv: Access-Accept packet from host 192.168.0.63 port 1812,
id=167, length=38


3)

 # Executing group from file /etc/freeradius/sites-enabled/default
Thu May  3 11:50:26 2012 : Info: +- entering group PAP {...}
Thu May  3 11:50:26 2012 : Info: [pap] ERROR: You set 'Auth-Type =
PAP' for a request that does not contain a User-Password attribute!
Thu May  3 11:50:26 2012 : Info: ++[pap] returns invalid
Thu May  3 11:50:26 2012 : Info: Failed to authenticate the user.


Thank you
Dhanushka


On 4 May 2012 11:58, Fajar A. Nugraha <list at fajar.net> wrote:
> On Fri, May 4, 2012 at 1:15 PM, dhanushka ranasinghe
> <parakrama1282 at gmail.com> wrote:
>> Hi..
>>
>> when i removed  "Auth-Type := PAP"   line    radius not checking
>> password , even when wrong password is used user get the
>> authenticated.
>
> What does the debug log say?
>
> My guess is you have Auth-Type := Accept somewhere.
>
> --
> Fajar
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list