winbindd_priv dont exist

Carlos Bordon cgermanb at live.com.ar
Wed Dec 13 19:41:48 CET 2017


i undertand, but I do not know where else to search, if i change the ip of ldap server i see the change, but with chase nothing happend, comment or uncomment is the same error.


Sorry for the inconvenience, but I'm really stuck


this a complete debug

Wed Dec 13 15:39:14 2017 : Debug: (1) Received Access-Request Id 185 from 127.0.0.1:37200 to 127.0.0.1:1812 length 82
Wed Dec 13 15:39:14 2017 : Debug: (1)   User-Name = "administraor"
Wed Dec 13 15:39:14 2017 : Debug: (1)   User-Password = "H23dMclc"
Wed Dec 13 15:39:14 2017 : Debug: (1)   NAS-IP-Address = 172.18.98.201
Wed Dec 13 15:39:14 2017 : Debug: (1)   NAS-Port = 2
Wed Dec 13 15:39:14 2017 : Debug: (1)   Message-Authenticator = 0x564e81c3f590c00a02ef6d81e5a1631b
Wed Dec 13 15:39:14 2017 : Debug: (1) session-state: No State attribute
Wed Dec 13 15:39:14 2017 : Debug: (1) # Executing section authorize from file /etc/raddb/sites-enabled/default
Wed Dec 13 15:39:14 2017 : Debug: (1)   authorize {
Wed Dec 13 15:39:14 2017 : Debug: (1)     policy filter_username {
Wed Dec 13 15:39:14 2017 : Debug: (1)       if (&User-Name) {
Wed Dec 13 15:39:14 2017 : Debug: (1)       if (&User-Name)  -> TRUE
Wed Dec 13 15:39:14 2017 : Debug: (1)       if (&User-Name)  {
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ / /) {
Wed Dec 13 15:39:14 2017 : Debug: No matches
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ / /)  -> FALSE
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ /@[^@]*@/ ) {
Wed Dec 13 15:39:14 2017 : Debug: No matches
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ /\.\./ ) {
Wed Dec 13 15:39:14 2017 : Debug: No matches
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ /\.\./ )  -> FALSE
Wed Dec 13 15:39:14 2017 : Debug: (1)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
Wed Dec 13 15:39:14 2017 : Debug: No matches
Wed Dec 13 15:39:14 2017 : Debug: (1)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   -> FALSE
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ /\.$/)  {
Wed Dec 13 15:39:14 2017 : Debug: No matches
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ /\.$/)   -> FALSE
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ /@\./)  {
Wed Dec 13 15:39:14 2017 : Debug: No matches
Wed Dec 13 15:39:14 2017 : Debug: (1)         if (&User-Name =~ /@\./)   -> FALSE
Wed Dec 13 15:39:14 2017 : Debug: (1)       } # if (&User-Name)  = notfound
Wed Dec 13 15:39:14 2017 : Debug: (1)     } # policy filter_username = notfound
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: calling preprocess (rlm_preprocess)
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: returned from preprocess (rlm_preprocess)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [preprocess] = ok
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: calling chap (rlm_chap)
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: returned from chap (rlm_chap)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [chap] = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: calling mschap (rlm_mschap)
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: returned from mschap (rlm_mschap)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [mschap] = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: calling digest (rlm_digest)
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: returned from digest (rlm_digest)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [digest] = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: calling suffix (rlm_realm)
Wed Dec 13 15:39:14 2017 : Debug: (1) suffix: Checking for suffix after "@"
Wed Dec 13 15:39:14 2017 : Debug: (1) suffix: No '@' in User-Name = "administraor", looking up realm NULL
Wed Dec 13 15:39:14 2017 : Debug: (1) suffix: No such realm "NULL"
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: returned from suffix (rlm_realm)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [suffix] = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: calling eap (rlm_eap)
Wed Dec 13 15:39:14 2017 : Debug: (1) eap: No EAP-Message, not doing EAP
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: returned from eap (rlm_eap)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [eap] = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: calling files (rlm_files)
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: returned from files (rlm_files)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [files] = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: calling ldap (rlm_ldap)
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap: EXPAND TMPL LITERAL
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap: EXPAND TMPL LITERAL
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap: EXPAND TMPL LITERAL
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap: EXPAND TMPL LITERAL
Wed Dec 13 15:39:14 2017 : Info: rlm_ldap (ldap): Closing connection (1): Hit idle_timeout, was idle for 271 seconds
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap: Closing libldap handle 0x56501a92dd40
Wed Dec 13 15:39:14 2017 : Info: rlm_ldap (ldap): Closing connection (2): Hit idle_timeout, was idle for 271 seconds
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap: Closing libldap handle 0x56501a92e630
Wed Dec 13 15:39:14 2017 : Info: rlm_ldap (ldap): Closing connection (3): Hit idle_timeout, was idle for 271 seconds
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap: Closing libldap handle 0x56501a93f090
Wed Dec 13 15:39:14 2017 : Info: rlm_ldap (ldap): Closing connection (4): Hit idle_timeout, was idle for 271 seconds
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): You probably need to lower "min"
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap: Closing libldap handle 0x56501a93f980
Wed Dec 13 15:39:14 2017 : Info: rlm_ldap (ldap): Closing connection (0): Hit idle_timeout, was idle for 262 seconds
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): You probably need to lower "min"
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap: Closing libldap handle 0x56501a8ec1f0
Wed Dec 13 15:39:14 2017 : Info: rlm_ldap (ldap): Closing connection (5): Hit idle_timeout, was idle for 262 seconds
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): You probably need to lower "min"
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap: Closing libldap handle 0x56501a9734d0
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): 0 of 0 connections in use.  You  may need to increase "spare"
Wed Dec 13 15:39:14 2017 : Info: rlm_ldap (ldap): Opening additional connection (6), 1 of 32 pending slots used
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): Connecting to ldap://172.18.98.110:389
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): New libldap handle 0x56501a9734d0
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): Waiting for bind result...
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): Bind successful
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): Reserved connection (6)
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap: EXPAND TMPL XLAT
Wed Dec 13 15:39:14 2017 : Debug: (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Wed Dec 13 15:39:14 2017 : Debug: Parsed xlat tree:
Wed Dec 13 15:39:14 2017 : Debug: literal --> (uid=
Wed Dec 13 15:39:14 2017 : Debug: XLAT-IF {
Wed Dec 13 15:39:14 2017 : Debug: attribute --> Stripped-User-Name
Wed Dec 13 15:39:14 2017 : Debug: }
Wed Dec 13 15:39:14 2017 : Debug: XLAT-ELSE {
Wed Dec 13 15:39:14 2017 : Debug: attribute --> User-Name
Wed Dec 13 15:39:14 2017 : Debug: }
Wed Dec 13 15:39:14 2017 : Debug: literal --> )
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap:    --> (uid=administraor)
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap: EXPAND TMPL LITERAL
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap: Performing search in "cn=Users,dc=*****,dc=net" with filter "(uid=administraor)", scope "sub"
Wed Dec 13 15:39:14 2017 : Debug: (1) ldap: Waiting for search result...
Wed Dec 13 15:39:14 2017 : ERROR: (1) ldap: Failed performing search: Please set 'chase_referrals=yes' and 'rebind=yes'. See the ldap module configuration for details.
Wed Dec 13 15:39:14 2017 : ERROR: (1) ldap: Server said: 00002020: Operation unavailable without authentication.
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): Released connection (6)
Wed Dec 13 15:39:14 2017 : Info: Need 2 more connections to reach min connections (3)
Wed Dec 13 15:39:14 2017 : Info: rlm_ldap (ldap): Opening additional connection (7), 1 of 31 pending slots used
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): Connecting to ldap://172.18.98.110:389
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): New libldap handle 0x56501a9737f0
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): Waiting for bind result...
Wed Dec 13 15:39:14 2017 : Debug: rlm_ldap (ldap): Bind successful
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[authorize]: returned from ldap (rlm_ldap)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [ldap] = fail
Wed Dec 13 15:39:14 2017 : Debug: (1)   } # authorize = fail
Wed Dec 13 15:39:14 2017 : Debug: (1) Using Post-Auth-Type Reject
Wed Dec 13 15:39:14 2017 : Debug: (1) # Executing group from file /etc/raddb/sites-enabled/default
Wed Dec 13 15:39:14 2017 : Debug: (1)   Post-Auth-Type REJECT {
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[post-auth]: calling attr_filter.access_reject (rlm_attr_filter)
Wed Dec 13 15:39:14 2017 : Debug: %{User-Name}
Wed Dec 13 15:39:14 2017 : Debug: Parsed xlat tree:
Wed Dec 13 15:39:14 2017 : Debug: attribute --> User-Name
Wed Dec 13 15:39:14 2017 : Debug: (1) attr_filter.access_reject: EXPAND %{User-Name}
Wed Dec 13 15:39:14 2017 : Debug: (1) attr_filter.access_reject:    --> administraor
Wed Dec 13 15:39:14 2017 : Debug: (1) attr_filter.access_reject: Matched entry DEFAULT at line 11
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[post-auth]: returned from attr_filter.access_reject (rlm_attr_filter)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [attr_filter.access_reject] = updated
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[post-auth]: calling eap (rlm_eap)
Wed Dec 13 15:39:14 2017 : Debug: (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure
Wed Dec 13 15:39:14 2017 : Debug: (1)     modsingle[post-auth]: returned from eap (rlm_eap)
Wed Dec 13 15:39:14 2017 : Debug: (1)     [eap] = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)     policy remove_reply_message_if_eap {
Wed Dec 13 15:39:14 2017 : Debug: (1)       if (&reply:EAP-Message && &reply:Reply-Message) {
Wed Dec 13 15:39:14 2017 : Debug: (1)       if (&reply:EAP-Message && &reply:Reply-Message)  -> FALSE
Wed Dec 13 15:39:14 2017 : Debug: (1)       else {
Wed Dec 13 15:39:14 2017 : Debug: (1)         modsingle[post-auth]: calling noop (rlm_always)
Wed Dec 13 15:39:14 2017 : Debug: (1)         modsingle[post-auth]: returned from noop (rlm_always)
Wed Dec 13 15:39:14 2017 : Debug: (1)         [noop] = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)       } # else = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)     } # policy remove_reply_message_if_eap = noop
Wed Dec 13 15:39:14 2017 : Debug: (1)   } # Post-Auth-Type REJECT = updated
Wed Dec 13 15:39:14 2017 : Debug: (1) Delaying response for 1.000000 seconds
Wed Dec 13 15:39:14 2017 : Debug: Waking up in 0.3 seconds.
Wed Dec 13 15:39:14 2017 : Debug: Waking up in 0.6 seconds.
Wed Dec 13 15:39:15 2017 : Debug: (1) Sending delayed response
Wed Dec 13 15:39:15 2017 : Debug: (1) Sent Access-Reject Id 185 from 127.0.0.1:1812 to 127.0.0.1:37200 length 20
Wed Dec 13 15:39:15 2017 : Debug: Waking up in 3.9 seconds.



________________________________
De: Freeradius-Users <freeradius-users-bounces+cgermanb=live.com.ar at lists.freeradius.org> en nombre de Alan DeKok <aland at deployingradius.com>
Enviado: miércoles, 13 de diciembre de 2017 03:21 p.m.
Para: FreeRadius users mailing list
Asunto: Re: winbindd_priv dont exist

On Dec 13, 2017, at 1:03 PM, Carlos Bordon <cgermanb at live.com.ar> wrote:
>
> I make a new installation on centos 7 and freeradius v3, but i get the same error

  Then you're still making the same mistake.

> i follow this guide:
>
> https://commonworkspace.ru/article.php?id=38
FreeRadius v3 + LDAP в CentOS v7 - Commonworkspace<https://commonworkspace.ru/article.php?id=38>
commonworkspace.ru
Установка FreeRadius V3 и настройка авторизации Radius через LDAP в CentOS 7.




   The FreeRADIUS Wiki has extensive documentation on this subject.  Please follow that.

> rlm_ldap (ldap): Reserved connection (0)


  And you're posting the same debug output again.  That doesn't help.

  This isn't difficult.  The debug output tells you which files the server is reading.  You need to read the debug output, and edit those files.

  If you're editing a text file on disk, FreeRADIUS will see those changes, and read them.  There is no magic here.  It's all basic Unix system administration.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Support & Services<http://www.freeradius.org/list/users.html>
www.freeradius.org
The world's leading RADIUS server. The project includes a GPL AAA server, BSD licensed client and PAM and Apache modules. Full support is available from NetworkRADIUS.




More information about the Freeradius-Users mailing list