Help PLease

Adam Schappell aschappell at clearedgeit.com
Fri Mar 27 18:44:21 CET 2015 

Hello,
I am getting this error when trying to authenticate with ldap. I also
uncommented out the useful operations error.

[ldap] performing user authorization for aschappell

[ldap] expand: %{Stripped-User-Name} ->

[ldap] ... expanding second conditional

[ldap] expand: %{User-Name} -> aschappell

[ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) ->
(uid=aschappell)

[ldap] expand: dc=corp,dc=clearedge,dc=com -> dc=corp,dc=clearedge,dc=com

  [ldap] ldap_get_conn: Checking Id: 0

  [ldap] ldap_get_conn: Got Id: 0

  [ldap] attempting LDAP reconnection

  [ldap] closing existing LDAP connection

  [ldap] (re)connect to corp.clearedgeit.com:389, authentication 0

  [ldap] bind as / to corp.clearedgeit.com:389

  [ldap] waiting for bind result ...

  [ldap] Bind was successful

  [ldap] performing search in dc=corp,dc=clearedge,dc=com, with filter
(uid=aschappell)

  [ldap] ldap_search() failed: Operations error

[ldap] search failed

  [ldap] ldap_release_conn: Release Id: 0

++[ldap] returns fail

Using Post-Auth-Type Reject

# Executing group from file /etc/raddb/sites-enabled/default

+- entering group REJECT {...}

[attr_filter.access_reject] expand: %{User-Name} -> aschappell

attr_filter: Matched entry DEFAULT at line 11

++[attr_filter.access_reject] returns updated

Delaying reject of request 5 for 1 seconds

Going to the next request

Waking up in 0.9 seconds.

Sending delayed reject for request 5

Sending Access-Reject of id 61 to 127.0.0.1 port 48367

Waking up in 4.9 seconds.

Cleaning up request 5 ID 61 with timestamp +490

Ready to process requests.

Adam Schappell
System Administrator II
Clearedge IT Solutions, LLC
10620 Guilford Road
Jessup, MD 20794
Office:443-212-4712
Fax:443-212-4809
www.ClearEdgeIT.com <http://www.clearedgeit.com/>


On Thu, Mar 26, 2015 at 3:05 PM, Alan DeKok <aland at deployingradius.com>
wrote:

> On Mar 26, 2015, at 1:24 PM, Adam Schappell <aschappell at clearedgeit.com>
> wrote:
> > Alan, My inner tunnel file is not empty and has a bunch of configs in it.
>
>   Then server doesn’t lie.  Read the debug output again.  Make sure you
> know which file the server is reading.
>
>   And don’t post configuration files here.  It’s useless and annoying.
>
>   The fact that you’re having massive problem shows you’ve done something
> seriously wrong.  The default configuration *works*.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list