Dear Cagri Yucel,
Add mschap to authorize{} section.
--Friday, June 14, 2002, 11:59:43 AM, you wrote to [EMAIL PROTECTED]:
CY> Hi, I don't suppose this is not a very uncommon problem as I am using a
CY> standard configuration, however, would like to ask as I could find no
CY> hints on the list archive.
CY> I have configured freeradius to auth using LDAP over Novell NDS and it
CY> works perfectly for Cisco clients or for radtest command. However, when
CY> I tired to authenticate using Windows 2000 RRAS, it seems no password
CY> transferred to the Radius and authentication failed.
CY> Please find below a sample debug:
CY> rad_recv: Access-Request packet from host 192.168.62.104:4515, id=9,
CY> length=214
CY> Thread 1 assigned request 0
CY> --- Walking the entire request list ---
CY> Threads: total/active/spare threads = 5/1/4
CY> Thread 1 handling request 0, (1 handled so far)
CY> Nothing to do. Sleeping until we see a request.
CY> NAS-IP-Address = 192.168.62.104
CY> Service-Type = Framed-User
CY> Framed-Protocol = PPP
CY> NAS-Port = 11
CY> MS-RAS-Vendor = 311
CY> MS-RAS-Version = "MSRASV5.00"
CY> NAS-Port-Type = Virtual
CY> Tunnel-Type:0 = PPTP
CY> Tunnel-Medium-Type:0 = IP
CY> Calling-Station-Id = "192.168.62.40"
CY> Tunnel-Client-Endpoint:0 = "192.168.62.40"
CY> User-Name = "testuser"
CY> MS-CHAP-Challenge = 0x34a9383b6df43c13cc4f6a530fce5f5c
CY> MS-CHAP2-Response =
CY> 0x0000eb4ced12a472d43453f801a42433c1a80000000000000000c6ec79cceafb6e895d
CY> 9bd174b2a524f3cc47c946e8ef1e21
CY> modcall: entering group authorize
CY> modcall[authorize]: module "preprocess" returns ok
CY> rlm_ldap: - authorize
CY> rlm_ldap: performing user authorization for testuser
CY> radius_xlat: '(cn=testuser)'
CY> radius_xlat: 'o=ku'
CY> ldap_get_conn: Got Id: 0
CY> rlm_ldap: attempting LDAP reconnection
CY> rlm_ldap: (re)connect to mm.ku.edu.tr:389, authentication 0
CY> rlm_ldap: bind as /
CY> rlm_ldap: waiting for bind result ...
CY> rlm_ldap: performing search in o=ku, with filter (cn=testuser)
CY> rlm_ldap: looking for check items in directory...
CY> rlm_ldap: looking for reply items in directory...
CY> rlm_ldap: user testuser authorized to use remote access
CY> ldap_release_conn: Release Id: 0
CY> modcall[authorize]: module "ldap" returns ok
CY> modcall[authorize]: module "suffix" returns ok
CY> users: Matched DEFAULT at 152
CY> users: Matched DEFAULT at 171
CY> users: Matched DEFAULT at 183
CY> modcall[authorize]: module "files" returns ok
CY> modcall[authorize]: module "mschap" returns notfound
CY> modcall: group authorize returns ok
CY> rad_check_password: Found Auth-Type LDAP
CY> auth: type "Ldap"
CY> modcall: entering group authenticate
CY> rlm_ldap: - authenticate
CY> rlm_ldap: Attribute "User-Password" is required for authentication.
CY> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
CY> ^^^^^^^^ here is the problem I suppose !!!
CY> modcall[authenticate]: module "ldap" returns invalid
CY> modcall: group authenticate returns invalid
CY> auth: Failed to validate the user.
CY> Delaying request 0 for 1 seconds
CY> Finished request 0
--
~/ZARAZA
������ ����� ���� ��������� ���� ��������� (����)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
