ldap

John Dennis jdennis at redhat.com
Mon Jun 24 20:32:54 CEST 2013


On 06/24/2013 02:01 PM, Julian Macassey wrote:
>> I don't follow what you're doing. Is your radius server on
>> 192.168.10.14, the same as your client? 
> 
> 	My radius server is: 192.168.10.16
> 
> 	My ldap server is: 192.168.10.14
> 
>> Because it looks like you're
>> sending your access-request to the client, not the server (unless
>> they're both the same box). If they are the same box then make sure port
>> 1812 is open. 

I don't know what to say, you've got a lot of misconceptions going on
and as far as I can figure you haven't tried to read the
documentation. For starters:

You need to send radius requests to the radius server but you're sending
them to your ldap server (huh???)

radius client != ldap, radius client == nas

You need to configure radius to work with ldap, but you haven't done
that. You have to uncomment the ldap module from
/etc/raddb/sites-enabled/default in the authorize section and also
configure your ldap values in /etc/raddb/modules/ldap. You haven't done
either of those.

I'm afraid I can't help anymore, you need to start helping yourself
first, pay attention to what you're doing, don't flail about, start with
a vanilla configuration, put it under source control so you can revert,
make only one change at a time, change only what you understand, and
read the doc, most of it is inside the config files themselves.

> 
>> Also your NAS-IP-Address in your request is not your
>> client address of 192.168.10.14.
> 
> 	I note that. But I have that in my
> /etc/freeradius/clients.conf file:
> 
> client plumgrid-ldap1 {
> #       # secret and password are mapped through the "secrets"
> #       file.
>         secret = d1sc0verplum
>         shortname = ldap
> #       # the following three fields are optional, but may be
> #       used by
> #       # checkrad.pl for simultaneous usage checks
>         ipaddr = 192.168.10.14
>         nastype     = other
> ##      login       = !root
> #       password    = someadminpas
> }
> -----
> 
> 
>>
>> Also, 127.0.1.1 seems like an odd address, localhost is normally
>> 127.0.0.1, what's in your /etc/hosts file?
>  
> 	This seems to be an ubuntu oddity.
> 
> I have modified it
> 
> 127.0.0.1	localhost plumgrid-radius1.plumgrid.com plumgrid-radius1
> #127.0.1.1	plumgrid-radius1.plumgrid.com	plumgrid-radius1
> 
> 	Yet, I still get 127.0.1.1 in my freeradius radtest.
> 
> 	I can still ping 127.0.1.1
> 
> --
> plumgrid-radius1:freeradius root#> ping 127.0.1.1
> PING 127.0.1.1 (127.0.1.1) 56(84) bytes of data.
> 64 bytes from 127.0.1.1: icmp_req=1 ttl=64 time=0.032 ms
> 64 bytes from 127.0.1.1: icmp_req=2 ttl=64 time=0.035 ms
> -----
> 
>>
>> Also I don't see what this has to do with ldap, nothing as far as I can
>> tell.
>>
> 
> 	Well, I have a radius server that I would like to use
> the ldap server to authenticate. It works using localhost and the
> users file.


