Block guest VPN
Sazzad Hossain
sazzad.suzon89 at gmail.com
Wed Sep 22 17:08:39 CEST 2021
Hello,
i have found my mistake and change it [@ sites-enables/default] but now it
shows this failure output. Any idea?
Regards
_____________________________________________________________________________________________________________________________________________________________________________
}
rlm_ldap (ldap): Initialising connection pool
pool {
start = 5
min = 3
max = 32
spare = 10
uses = 0
lifetime = 0
cleanup_interval = 30
idle_timeout = 60
retry_delay = 30
spread = no
}
rlm_ldap (ldap): Opening additional connection (0), 1 of 32 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.9.25.56:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
rlm_ldap (ldap): Opening additional connection (1), 1 of 31 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.9.25.56:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
rlm_ldap (ldap): Opening additional connection (2), 1 of 30 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.9.25.56:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
rlm_ldap (ldap): Opening additional connection (3), 1 of 29 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.9.25.56:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
rlm_ldap (ldap): Opening additional connection (4), 1 of 28 pending slots
used
rlm_ldap (ldap): Connecting to ldap://10.9.25.56:389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
# Instantiating module "logintime" from file
/etc/freeradius/3.0/mods-enabled/logintime
# Instantiating module "files" from file
/etc/freeradius/3.0/mods-enabled/files
reading pairlist file /etc/freeradius/3.0/mods-config/files/authorize
/etc/freeradius/3.0/mods-config/files/authorize[96]: *Entry does not begin
with a user name*
*Failed reading /etc/freeradius/3.0/mods-config/files/authorize*
/etc/freeradius/3.0/mods-enabled/files[9]: *Instantiation failed for module
"files"*
On Wed, Sep 22, 2021 at 3:30 PM Jonathan Davis <jonathan at prioritycolo.com>
wrote:
> Except it doesn't look like it is a guest user?
>
> (0) if (Ldap-Group == "Gast") {
> (0) Searching for user in group "Gast"
> rlm_ldap (ldap): Reserved connection (2)
> (0) Using user DN from request "uid=riedel,ou=people,dc=fr"
> (0) Checking user object's memberOf attributes
> (0) Performing unfiltered search in "uid=riedel,ou=people,dc=fr",
> scope "base"
> (0) Waiting for search result...
> (0) Search returned no results
> (0) Can't check membership attributes, user object not found
> rlm_ldap (ldap): Released connection (2)
> (0) User is not a member of "Gast"
>
> Check the rlm_ldap docs ?
>
> Jonathan Davis - Priority Colo Inc.
> jonathan at prioritycolo.com - https://www.prioritycolo.com
> 1-888-AS-30176 (1-888-273-0176) x304
>
> On 2021-09-22 9:26 a.m., Sazzad Hossain wrote:
> > Hello,
> >
> > yes,that's the problem.Although its a guest user,it shows following:
> >
> > _______________________________________________________________
> >
> > 0) *User is not a member of "Gast" [ALthough user is a guest]*
> > (0) if (Ldap-Group == "Gast") -> FALSE
> > (0) [expiration] = noop
> > (0) [logintime] = noop
> >
> > ________________________________________________________________
> >
> > THanks
> >
> > On Wed, Sep 22, 2021 at 3:22 PM Alan DeKok <aland at deployingradius.com>
> > wrote:
> >
> >> On Sep 22, 2021, at 9:19 AM, Sazzad Hossain <sazzad.suzon89 at gmail.com>
> >> wrote:
> >>> Another question, although after those two changes [mentioned above],
> the
> >>> server is still allowing the GUEST users to login.What i am doing
> wrong?
> >> Read the debug output, and see if it's doing what you want.
> >>
> >>
> >>> (0) if (Ldap-Group == "Gast") -> FALSE
> >> That seems relevant.
> >>
> >> Alan DeKok.
> >>
> >> -
> >> List info/subscribe/unsubscribe? See
> >> http://www.freeradius.org/list/users.html
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list