Hi all:
I use eap-md5 to auth with openldap.
I have added an account to openldap as follows:

dn: cn=test2,dc=example,dc=com
objectclass: person
objectclass: radiusprofile
cn: test2
sn: test2
userPassword: {clear}test2

According to the freeradius message below, my freeradius has retrieved 
'test2' from openldap.
I don't understand the message: rlm_ldap: Attribute "User-Password" is 
required for authentication.
Does the radius client send a radius packet with User-Password attribute?
I think that it's invalid on eap-md5.
Thanks

........................
--- Walking the entire request list ---
Cleaning up request 0 ID 1 with timestamp 3daa1beb
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 192.168.168.134:1812, id=1, 
length=113
        NAS-IP-Address = 192.168.168.134
        Called-Station-Id = "00-60-B3-6F-89-C8"
        Calling-Station-Id = "00-40-96-36-6C-8C"
        NAS-Port-Type = Wireless-802.11
        Framed-MTU = 1400
        User-Name = "test2"
        EAP-Message = "\002\000\000\n\001test2"
        Message-Authenticator = 0xcc0fbe218f7d932d3aeeb97829359375
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
    rlm_realm: Looking up realm NULL for User-Name = "test2"
    rlm_realm: No such realm NULL
  modcall[authorize]: module "suffix" returns noop
rlm_ldap: - authorize
rlm_ldap: performing user authorization for test2
radius_xlat:  '(cn=test2)'
radius_xlat:  'dc=example,dc=com'
ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 192.168.168.108:389, authentication 0
rlm_ldap: setting TLS mode to 4
rlm_ldap: bind as / to 192.168.168.108:389
rlm_ldap: waiting for bind result ...
rlm_ldap: performing search in dc=example,dc=com, with filter (cn=test2)
rlm_ldap: Added password test2 in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user test2 authorized to use remote access
ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok
    users: Matched DEFAULT at 1
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
  rad_check_password:  Found Auth-Type LDAP
auth: type "LDAP"
modcall: entering group authtype
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password" is required for authentication.
  modcall[authenticate]: module "ldap" returns invalid
modcall: group authtype returns invalid
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Sending Access-Reject of id 1 to 192.168.168.134:1812
.........


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
