Yet another Freeradius+openldap eap-ttls pap issue
Phil Mayers
p.mayers at imperial.ac.uk
Thu Nov 28 15:04:08 CET 2013
On 28/11/13 12:31, Work wrote:
> These are the configs:
No. These aren't needed. All you needed to send was a full debug,
gathered with:
radiusd -X
...instead of a debug you trimmed the start off, because you didn't
think it was important.
> rad_recv: Access-Request packet from host 127.0.0.1 port 33653, id=0,
> length=118
> User-Name = "atest"
> NAS-IP-Address = 127.0.0.1
> Calling-Station-Id = "02-00-00-00-00-01"
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-802.11
> Connect-Info = "CONNECT 11Mbps 802.11b"
> EAP-Message = 0x0200000a016174657374
This is an EAP packet:
> [files] users: Matched entry DEFAULT at line 193
> ++[files] returns ok
What is the entry at line #193? I think you have something like this:
DEFAULT Auth-Type := LDAP
...which causes:
> Found Auth-Type = LDAP
> +- entering group LDAP {...}
> [ldap] Attribute "User-Password" is required for authentication.
> You seem to have set "Auth-Type := LDAP" somewhere.
> THAT CONFIGURATION IS WRONG. DELETE IT.
> YOU ARE PREVENTING THE SERVER FROM WORKING PROPERLY.
This. The error is clear. Please read the debugs before posting.
More information about the Freeradius-Users
mailing list