LDAP Query: Not Found
Scott Pickles
scottpickles at yahoo.com
Wed Jul 29 23:10:13 CEST 2015
Thanks Alan. I did read that and just about everything else I have read indicates that we shouldn't set that? Anyways, I'll give it a try. I have currently started over again because I read a LOT of posts where Alan D. indicates to keep the base configs and ONLY modify what you need. In other words, removing stuff largely results in breaking the server and that is the fault of the end user, not FreeRADIUS :) So I have done this, and right now I'm failing at 'suffix' because there is no realm defined.
>>(1) suffix : Checking for suffix after "@"
>>(1) suffix : Looking up realm "fujiesystems.com" for User-Name = "spickles at myDomain.com"
>>(1) suffix : No such realm "myDomain.com"
>>(1) [suffix] = noop
That was defined in my proxy.conf in my previous setup, but I'm not proxying (everything will be handled by this server). So do I hardcode realm somewhere, comment out suffix, or put proxying back in because even though things handed off to the same host via virtual servers, etc. at localhost are still considered proxying? In my previous configuration suffix was included but so was proxying. My understanding of proxying is handing the request to another physical/virtual host/different IP address as opposed to localhost. Below are the changes I've made this time around:
/etc/raddb/radiusd.conf
>># PROXY CONFIGURATION
>>#
>># proxy_requests: Turns proxying of RADIUS requests on or off.
>>#
>># The server has proxying turned on by default. If your system is NOT
>># set up to proxy requests to another server, then you can turn proxying
>># off here. This will save a small amount of resources on the server.>>#
>># If you have proxying turned off, and your configuration files say
>># to proxy a request, then an error message will be logged.
>>#
>># To disable proxying, change the "yes" to "no", and comment the
>># $INCLUDE line.
>>#
>># allowed values: {no, yes}
>>#
>>proxy_requests = no
>>#$INCLUDE proxy.conf
/etc/raddb/proxy.conf>>proxy server {
>> default_fallback = no
>>}
>>home_server localhost {
>> type = auth
>> ipaddr = 127.0.0.1
>> port = 1812
>> secret = <<secret>>
>>}
>>realm myDomain.com {
>> type = radius
>> secret = <<secret>>
>> authhost = LOCAL
>> accthost = LOCAL
>>}
>>realm NULL {
>>}
>>realm LOCAL {
>>}
On Wednesday, July 29, 2015 3:22 PM, "A.L.M.Buxey at lboro.ac.uk" <A.L.M.Buxey at lboro.ac.uk> wrote:
Hi,
> This is what I read in documentation that leads me to believe my previous
> statement:
> config/Auth Type
yep. internal item...specific to the server being used. its not in the
request. in version 2 you had to usually end up setting it manually for a lot of LDAP
installs... hence all the things out there about setting it in users file
etc.....in version 3 its all updated and done in different (documented) ways -
read the mods-available/ldap file ....look for the part about 'set_auth_type'! :-)
alan
More information about the Freeradius-Users
mailing list