Problem with LDAP authentication
aland at deployingradius.com
Thu May 18 20:19:01 CEST 2017
On May 18, 2017, at 1:58 PM, Pircher, Sabine <sabine.pircher at tum.de> wrote:
> I set up a wifi-system, authenticating via freeradius v3.0.12 and openldap. During the configuration I run into a problem, which I can’t understand.
> - Works: Authentication of the testuser ‘bob’ via EAP
What did you use for a test client? eapol_test? Or a real system?
> - Works: Radtest authentication of the user ‘spircher’ via ldap is also working fine. “radtest –x spircher test 127.0.0.1:1812 0 testing123”
Which doesn't test the end system. i.e. certificates, etc.
> - Not working: Authentication of the user ‘spircher’ via ldap and eap
> Attached my debugging output.
> Do you have any ideas how to solve it?
The supplicant is giving up. If you had waited a few more seconds, you would see more debug output which points you to a Wiki page. That page describes what's going on.
Odds are you didn't put the CA certificate on the end user machine.
See http://deployingradius.com for a "how to" guide. There are detailed and explicit instructions for what to do, along with what can go wrong, and why.
More information about the Freeradius-Users