OpenLdap + Freeradius on centos 6.5 Not working

Vishesh kumar linuxtovishesh at gmail.com
Fri May 15 13:35:21 CEST 2015


I am still struggling with the below errors:

WARNING: No "known good" password was found in LDAP.
...............................
....................................................
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.
Using Post-Auth-Type Reject
  WARNING: Unknown value specified for Post-Auth-Type.  Cannot perform requested action.


Below is my default configuration now:
+++++++++++++++++++++
authorize {
        preprocess
        ldap
        mschap
}
authenticate {
        Auth-Type LDAP {
                ldap
        }
        mschap
        eap
}
++++++++++++++++++++++++++++++++++++++++++

Below is my inner-tunnel configuration,
++++++++++++++++++++++++++++++
server inner-tunnel {
listen {
       ipaddr = 127.0.0.1
       port = 18120
       type = auth
}
authorize {
        chap
        mschap
        suffix
        update control {
               Proxy-To-Realm := LOCAL
        }
        files
        ldap
        expiration
        logintime
        pap
}
authenticate {
        Auth-Type PAP {
                ldap
        }
        Auth-Type CHAP {
                chap
        }
        Auth-Type MS-CHAP {
                mschap
        }
        unix
        Auth-Type LDAP {
                ldap
        }
        eap
}
session {
        radutmp
}
post-auth {
        Post-Auth-Type REJECT {
                attr_filter.access_reject
        }
}
+++++++++++++++++++++++++++++++++++++++++++++++++

I don't know what mistake I am making here.

Thanks
Vishesh Kumar

On Fri, May 15, 2015 at 2:20 PM, Vishesh kumar <linuxtovishesh at gmail.com>
wrote:

> Thanks Alan,
>
> Let me configure EAP then,
>
> Thanks
> Vishesh Kumar
>
> On Thu, May 14, 2015 at 6:34 PM, <A.L.M.Buxey at lboro.ac.uk> wrote:
>
>> Hi,
>>
>> > below are the logs I am getting in case of failure,
>>
>> this is an EAP packet..... therefore you need to be in the inner-tunnel
>> before you have any visibility of the password..... so you cannot check/auth
>> in the outer-tunnel - this is one of those cases where you will likely need
>> to set the Auth-Type to LDAP manually (in users file or via unlang) to ensure
>> that the process continues and the server carries on into the inner-tunnel.
>>
>> alan
>>
>
>
>
> --
> Regards,
> Vishesh Kumar
> http://linuxmantra.com
>



-- 
Regards,
Vishesh Kumar
http://linuxmantra.com
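
Added example, not part of the original thread and not the poster's or Alan's configuration: one way to write the "via unlang" form of the suggestion quoted above, inside the inner-tunnel virtual server. It assumes the tunnelled method carries a clear-text User-Password (for example EAP-TTLS with PAP) and that the LDAP module instance is named "ldap" as in the configuration shown.

```unlang
# Added example (assumptions: FreeRADIUS unlang syntax, module instance "ldap").
# These two sections go inside:  server inner-tunnel { ... }

authorize {
        # Look the user up in the directory first.
        ldap

        # Force an LDAP bind only when the inner request really carries a
        # clear-text password. MS-CHAP and inner EAP requests have no
        # User-Password, so they skip this block and keep the Auth-Type
        # that their own modules set below.
        if (User-Password) {
                update control {
                        Auth-Type := LDAP
                }
        }

        mschap
        eap
}

authenticate {
        # Must exist, otherwise "Auth-Type := LDAP" names a method the
        # server cannot run.
        Auth-Type LDAP {
                ldap
        }
        Auth-Type MS-CHAP {
                mschap
        }
        eap
}
```

An LDAP bind needs the password in clear text, so this path does not apply to PEAP/MSCHAPv2 clients; those requests never contain User-Password and the condition stays false.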

