Help PLease

Adam Schappell aschappell at clearedgeit.com
Mon Mar 30 20:44:35 CEST 2015 

I get its failing but I do not know what else to set it to, It is the
correct path, I have tested it on different programs and systems to make
sure. Some thing is not right. If it is binding successfully with the same
user route and password then why the heck cant it find it????? Sorry just
annoying, I have been trying to get this done for sometime now.

rad_recv: Access-Request packet from host 127.0.0.1 port 33787, id=167,
length=76

User-Name = "radius"

User-Password = "ceadmin"

NAS-IP-Address = 10.0.1.104

NAS-Port = 0

Message-Authenticator = 0xf09aaa8f36336f802d04927ccae3c245

# Executing section authorize from file /etc/raddb/sites-enabled/default

+- entering group authorize {...}

++[preprocess] returns ok

++[chap] returns noop

++[mschap] returns noop

++[digest] returns noop

[suffix] No '@' in User-Name = "radius", looking up realm NULL

[suffix] No such realm "NULL"

++[suffix] returns noop

[eap] No EAP-Message, not doing EAP

++[eap] returns noop

[files] users: Matched entry DEFAULT at line 1

++[files] returns ok

[sql] expand: %{User-Name} -> radius

[sql] sql_set_user escaped user --> 'radius'

rlm_sql (sql): Reserving sql socket id: 4

[sql] expand: SELECT id, username, attribute, value, op           FROM
radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY
id -> SELECT id, username, attribute, value, op           FROM radcheck
      WHERE username = 'radius'           ORDER BY id

[sql] expand: SELECT groupname           FROM radusergroup           WHERE
username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT
groupname           FROM radusergroup           WHERE username = 'radius'
        ORDER BY priority

rlm_sql (sql): Released sql socket id: 4

[sql] User radius not found

++[sql] returns notfound

[ldap] performing user authorization for radius

[ldap] expand: %{Stripped-User-Name} ->

[ldap] ... expanding second conditional

[ldap] expand: %{User-Name} -> radius

[ldap] expand: (&(SAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}}) ->
(&(SAMAccountName=radius)

[ldap] expand: dc=corp,dc=clearedgeit,dc=com ->
dc=corp,dc=clearedgeit,dc=com

  [ldap] ldap_get_conn: Checking Id: 0

  [ldap] ldap_get_conn: Got Id: 0

  [ldap] attempting LDAP reconnection

  [ldap] (re)connect to dc1.corp.clearedgeit.com:389, authentication 0

  [ldap] bind as
cn=radius,ou=Users,ou=Jessup,ou=ClearEdge,dc=corp,dc=clearedgeit,dc=com/ceadmin
to dc1.corp.clearedgeit.com:389

  [ldap] waiting for bind result ...

  [ldap] Bind was successful

  [ldap] performing search in dc=corp,dc=clearedgeit,dc=com, with filter
(&(SAMAccountName=radius)

  [ldap] ldap_search() failed: Bad search filter: (&(SAMAccountName=radius)

[ldap] search failed

  [ldap] ldap_release_conn: Release Id: 0

++[ldap] returns fail

Using Post-Auth-Type Reject

# Executing group from file /etc/raddb/sites-enabled/default

+- entering group REJECT {...}

[attr_filter.access_reject] expand: %{User-Name} -> radius

attr_filter: Matched entry DEFAULT at line 11

++[attr_filter.access_reject] returns updated

Delaying reject of request 0 for 1 seconds

Going to the next request

Waking up in 0.9 seconds.

Sending delayed reject for request 0

Sending Access-Reject of id 167 to 127.0.0.1 port 33787

Waking up in 4.9 seconds.

Cleaning up request 0 ID 167 with timestamp +50

Ready to process requests.

Adam Schappell
System Administrator II
Clearedge IT Solutions, LLC
10620 Guilford Road
Jessup, MD 20794
Office:443-212-4712
Fax:443-212-4809
www.ClearEdgeIT.com <http://www.clearedgeit.com/>


On Mon, Mar 30, 2015 at 1:29 PM, <A.L.M.Buxey at lboro.ac.uk> wrote:

> Hi,
>
> > [ldap] expand: %{User-Name} -> radius
> >
> > [ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) ->
> (uid=radius)
> >
> > [ldap] expand: dc=corp,dc=clearedgeit,dc=com ->
> > dc=corp,dc=clearedgeit,dc=com
>
> okay...thats your search query
>
> >   [ldap] ldap_get_conn: Checking Id: 0
> >
> >   [ldap] ldap_get_conn: Got Id: 0
> >
> >   [ldap] performing search in dc=corp,dc=clearedgeit,dc=com, with filter
> > (uid=radius)
> >
> >   [ldap] ldap_search() failed: LDAP connection lost.
>
> and its failing.
>
> >   [ldap] performing search in dc=corp,dc=clearedgeit,dc=com, with filter
> > (uid=radius)
> >
> >   [ldap] object not found
> >
> > [ldap] search failed
>
> and again
>
> edit the ldap config file for your FreeRADIUS so you are using the correct
> LDAP path and looking for the correct object.....
>
> alan
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list