Trying to integrate with LDAP

fernando.sg1 at gmail.com fernando.sg1 at gmail.com
Wed Mar 13 23:35:19 CET 2013


Hey,
first of all, sorry for my poor English.
I'm trying to integrate my LDAP server with FreeRADIUS; after 2 days of
searching on Google I haven't solved the problem.

When I use the command:

 ldapsearch -b "ou=People,dc=xxxxxx,dc=edu,dc=br" -h 200.131.96.47 uid=user1 -D "cn=admin,dc=ifsudeste,dc=edu,dc=br" -W

I get this result:

# extended LDIF
#
# LDAPv3
# base <ou=People,dc=xxxxxx,dc=edu,dc=br> with scope subtree
# filter: uid=user1
# requesting: ALL
#

# user1, People, xxxxx.edu.br
dn: cn=user1,ou=People,dc=xxxxxx,dc=edu,dc=br
cn: user1
givenName: user
gidNumber: 501
homeDirectory: /home/users/user1
sn: 1
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
userPassword:: e01ENX1JQ3k1WXF4WkIxdVdTd2NWTFNOTGNBPT0=
uidNumber: 1001
uid: user1

When I try: radtest user1 123 127.0.0.1 0 testing123

I get:


Sending Access-Request of id 225 to 127.0.0.1 port 1812
User-Name = "user1"
User-Password = "123"
NAS-IP-Address = 200.131.96.49
NAS-Port = 0
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=225, length=20

And using freeradius -X I see this:


rad_recv: Access-Request packet from host 127.0.0.1 port 56729, id=225, length=57
User-Name = "user1"
User-Password = "123"
NAS-IP-Address = 200.131.96.49
NAS-Port = 0
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
[ldap] performing user authorization for user1
[ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details
[ldap] ... expanding second conditional
[ldap] expand: %{User-Name} -> user1
[ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=user1)
[ldap] expand: ou=People,dc=xxxxx,dc=edu,dc=br -> ou=People,dc=xxxxxxx,dc=edu,dc=br
[ldap] ldap_get_conn: Checking Id: 0
[ldap] ldap_get_conn: Got Id: 0
  [ldap] performing search in ou=People,dc=xxxxxx,dc=edu,dc=br, with filter (cn=user1)
[ldap] object not found
[ldap] search failed
[ldap] ldap_release_conn: Release Id: 0
++[ldap] returns notfound
++[expiration] returns noop
++[logintime] returns noop
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.
Login incorrect ( [ldap] User not found): [user1/123] (from client localhost port 0)
Using Post-Auth-Type Reject
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> user1


Can anyone, please, help me?

Sorry if this is too obvious for someone; for me it isn't.
Thanks.