It's simply courteous to include previous respondents in further correspondence of an issue or conversation; Just in case they happen to overlook it in the many postings. In other lists (samba, ardour, netfilter, squid) people are nice enough to CC: me on something I was helping with (or asking about) previously. It's a habit I've picked up from others who are not-so-righteous.
--== Politeness is not a bad habit!!! ==-- I appreciate your expertise and advice. You won't receive further CC messages from me. -Ryan Beisner On Tue, 2003-02-25 at 09:41, [EMAIL PROTECTED] wrote: > Send Freeradius-Users mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.cistron.nl/mailman/listinfo/freeradius-users > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Freeradius-Users digest..." > > > Today's Topics: > > 1. Re: RV: freeradius-ldap is not running ([EMAIL PROTECTED]) > 2. RE: RV: freeradius-ldap is not running (Federico Edelman) > 3. Re: auth-proxy (Chris Parker) > 4. CISTRON vs. FreeRADIUS :: Extra Bit and/or Case Sensitivity (Ryan Beisner) > 5. Re: running freeradius on mips platform (Alan DeKok) > 6. Re: auth-proxy (Didi Rieder) > 7. Re: Free Radius and Inter Access Point Protocol (IAPP - 802.11f) (Alan DeKok) > 8. Re: CISTRON vs. FreeRADIUS :: Extra Bit and/or Case Sensitivity (Alan DeKok) > 9. Re: auth-proxy (Alan DeKok) > 10. Re: RV: freeradius-ldap is not running (Robert Canary) > > --__--__-- > > Message: 1 > Subject: Re: RV: freeradius-ldap is not running > To: [EMAIL PROTECTED] > From: [EMAIL PROTECTED] > Date: Tue, 25 Feb 2003 07:24:59 -0600 > Reply-To: [EMAIL PROTECTED] > > Have you tried using ldapsearch using these parameters? This is the > easiest and fastest way to find out if your LDAP parameters are correct and > your server is replying. Typically once you find the correct syntax in > ldapsearch, the modification of the radiusd.conf LDAP parameters becomes > trivial. > > Mark Capelle > > - - - - - - - - - - - - - - - > > Robert Canary wrote: > > You have ldap configured in the radius. You have ldap configured to be > a default fall-through. I understand your ldap server is working fine.=20 > I'm saying the radius server isn't talking to the ldap server, _maybe_ > because the basedn is set wrong. > > Federico Edelman wrote: > >=20 > > My LDAP server works fine. I'm using the LDAP server for other services. > >=20 > > > -----Mensaje original----- > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > Enviado el: lunes, 24 de febrero de 2003 15:35 > > > Para: [EMAIL PROTECTED] > > > Asunto: Re: RV: freeradius-ldap is not running > > > > > > I think you should look at your ldap server logs. Your "basedn" dose= > n't > > > look right to me. I think it should be something like, > > > "cn=3Duser-that-can-read-passwords,dc=3Dexample,dc=3Dcom" > > > > > > Federico Edelman wrote: > > > > > > > > I can't get a response. > > > > Somebody know about this trouble? > > > > > > > > -----Mensaje original----- > > > > De: Federico Edelman > > > > Enviado el: jueves, 20 de febrero de 2003 10:29 > > > > Para: [EMAIL PROTECTED] > > > > Asunto: RE: freeradius-ldap is not running > > > > > > > > Robert: > > > > This is the complete log file. > > > > > > > > > -----Mensaje original----- > > > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > > > Enviado el: mi=E9rcoles, 19 de febrero de 2003 17:54 > > > > > Para: [EMAIL PROTECTED] > > > > > Asunto: Re: freeradius-ldap is not running > > > > > > > > > > Why did you snip-it? We need the rest of the lof file. > > > > > > > > > > Do this radiusd -X >/var/log/radiusd_dbg_con.log > > > > > > > > > > It is esasier to capture the error messages that way. > > > > > > > > > > Also what shows up in your freeradius logs during this time? > > > > > > > > > > Federico Edelman wrote: > > > > > > > > > > > > Hi guys, > > > > > > I'm newbie with freeradius. I'm running freeradius-0.8.= > 1 on > > > > > > Linux Debian 3.1. The LDAP server/client is openldap-2.1.12. > > > > > > > > > > > > I've compiled the freeradius with: > > > > > > > > > > > > # LD_LIBRARY_PATH=3D"/usr/local/openldap/lib:/usr/local/lib" > > > > > > # LDFLAGS=3D"-L/usr/local/openldap/lib -L/usr/local/lib" > > > > > > # CFLAGS=3D"-O -g -I/usr/local/openldap/include -I/usr/local/in= > clude" > > > > > > # CC=3D"gcc" > > > > > > # export LD_LIBRARY_PATH LDFLAGS CFLAGS CC > > > > > > # ./configure --prefix=3D/usr/local/freeradius --with- > > > > > > openldap=3D/usr/local/openldap > > > > > > # make > > > > > > # make install > > > > > > > > > > > > All's ok. > > > > > > > > > > > > I've run: > > > > > > # /usr/local/freeradius/sbin/radiusd -X > > > > > > And... > > > > > > # /usr/local/freeradius/bin/radtest > > > > > > > > > > > > All's ok. The radtest connect with radiusd successfully. > > > > > > > > > > > > But, When I setting up the radius with LDAP support the radiusd= > exit > > > and > > > > > > not running. > > > > > > > > > > > > The radius ldap configuration: > > > > > > > > > > > > My /usr/local/freeradius/etc/raddb/radiusd.conf: > > > > > > ---- snip snip ---- > > > > > > ldap { > > > > > > server =3D "myldapserver" > > > > > > basedn =3D "ou=3Dpeople,dc=3Drootldap" > > > > > > filter =3D "((posixAccount)(uid=3D%u))" > > > > > > start_tls =3D no > > > > > > tls_mode =3D no > > > > > > dictionary_mapping =3D ${raddbdir}/ldap.attrmap > > > > > > ldap_connections_number =3D 5 > > > > > > timeout =3D 4 > > > > > > timelimit =3D 3 > > > > > > net_timeout =3D 1 > > > > > > } > > > > > > authenticate { > > > > > > authtype LDAP { > > > > > > ldap > > > > > > } > > > > > > } > > > > > > ---- snip snip ---- > > > > > --__--__-- > > Message: 2 > Subject: RE: RV: freeradius-ldap is not running > Date: Tue, 25 Feb 2003 10:52:37 -0300 > From: "Federico Edelman" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > > I run the same "line" from ldapsearch command and work fine. :( > > > > -----Mensaje original----- > > De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Enviado el: martes, 25 de febrero de 2003 10:25 > > Para: [EMAIL PROTECTED] > > Asunto: Re: RV: freeradius-ldap is not running > >=20 > > Have you tried using ldapsearch using these parameters? This is the > > easiest and fastest way to find out if your LDAP parameters are > correct > > and > > your server is replying. Typically once you find the correct syntax > in > > ldapsearch, the modification of the radiusd.conf LDAP parameters > becomes > > trivial. > >=20 > > Mark Capelle > >=20 > > - - - - - - - - - - - - - - - > >=20 > > Robert Canary wrote: > >=20 > > You have ldap configured in the radius. You have ldap configured to > be > > a default fall-through. I understand your ldap server is working > fine.=3D20 > > I'm saying the radius server isn't talking to the ldap server, _maybe_ > > because the basedn is set wrong. > >=20 > > Federico Edelman wrote: > > >=3D20 > > > My LDAP server works fine. I'm using the LDAP server for other > services. > > >=3D20 > > > > -----Mensaje original----- > > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > > Enviado el: lunes, 24 de febrero de 2003 15:35 > > > > Para: [EMAIL PROTECTED] > > > > Asunto: Re: RV: freeradius-ldap is not running > > > > > > > > I think you should look at your ldap server logs. Your "basedn" > dose=3D > > n't > > > > look right to me. I think it should be something like, > > > > "cn=3D3Duser-that-can-read-passwords,dc=3D3Dexample,dc=3D3Dcom" > > > > > > > > Federico Edelman wrote: > > > > > > > > > > I can't get a response. > > > > > Somebody know about this trouble? > > > > > > > > > > -----Mensaje original----- > > > > > De: Federico Edelman > > > > > Enviado el: jueves, 20 de febrero de 2003 10:29 > > > > > Para: [EMAIL PROTECTED] > > > > > Asunto: RE: freeradius-ldap is not running > > > > > > > > > > Robert: > > > > > This is the complete log file. > > > > > > > > > > > -----Mensaje original----- > > > > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > > > > Enviado el: mi=3DE9rcoles, 19 de febrero de 2003 17:54 > > > > > > Para: [EMAIL PROTECTED] > > > > > > Asunto: Re: freeradius-ldap is not running > > > > > > > > > > > > Why did you snip-it? We need the rest of the lof file. > > > > > > > > > > > > Do this radiusd -X >/var/log/radiusd_dbg_con.log > > > > > > > > > > > > It is esasier to capture the error messages that way. > > > > > > > > > > > > Also what shows up in your freeradius logs during this time? > > > > > > > > > > > > Federico Edelman wrote: > > > > > > > > > > > > > > Hi guys, > > > > > > > I'm newbie with freeradius. I'm running > freeradius-0.8.=3D > > 1 on > > > > > > > Linux Debian 3.1. The LDAP server/client is openldap-2.1.12. > > > > > > > > > > > > > > I've compiled the freeradius with: > > > > > > > > > > > > > > # = > LD_LIBRARY_PATH=3D3D"/usr/local/openldap/lib:/usr/local/lib" > > > > > > > # LDFLAGS=3D3D"-L/usr/local/openldap/lib -L/usr/local/lib" > > > > > > > # CFLAGS=3D3D"-O -g -I/usr/local/openldap/include > -I/usr/local/in=3D > > clude" > > > > > > > # CC=3D3D"gcc" > > > > > > > # export LD_LIBRARY_PATH LDFLAGS CFLAGS CC > > > > > > > # ./configure --prefix=3D3D/usr/local/freeradius --with- > > > > > > > openldap=3D3D/usr/local/openldap > > > > > > > # make > > > > > > > # make install > > > > > > > > > > > > > > All's ok. > > > > > > > > > > > > > > I've run: > > > > > > > # /usr/local/freeradius/sbin/radiusd -X > > > > > > > And... > > > > > > > # /usr/local/freeradius/bin/radtest > > > > > > > > > > > > > > All's ok. The radtest connect with radiusd successfully. > > > > > > > > > > > > > > But, When I setting up the radius with LDAP support the > radiusd=3D > > exit > > > > and > > > > > > > not running. > > > > > > > > > > > > > > The radius ldap configuration: > > > > > > > > > > > > > > My /usr/local/freeradius/etc/raddb/radiusd.conf: > > > > > > > ---- snip snip ---- > > > > > > > ldap { > > > > > > > server =3D3D "myldapserver" > > > > > > > basedn =3D3D "ou=3D3Dpeople,dc=3D3Drootldap" > > > > > > > filter =3D3D "((posixAccount)(uid=3D3D%u))" > > > > > > > start_tls =3D3D no > > > > > > > tls_mode =3D3D no > > > > > > > dictionary_mapping =3D3D > ${raddbdir}/ldap.attrmap > > > > > > > ldap_connections_number =3D3D 5 > > > > > > > timeout =3D3D 4 > > > > > > > timelimit =3D3D 3 > > > > > > > net_timeout =3D3D 1 > > > > > > > } > > > > > > > authenticate { > > > > > > > authtype LDAP { > > > > > > > ldap > > > > > > > } > > > > > > > } > > > > > > > ---- snip snip ---- > >=20 > >=20 > >=20 > > - > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > > > --__--__-- > > Message: 3 > Date: Tue, 25 Feb 2003 08:42:20 -0600 > To: [EMAIL PROTECTED] > From: Chris Parker <[EMAIL PROTECTED]> > Subject: Re: auth-proxy > Reply-To: [EMAIL PROTECTED] > > At 02:09 PM 2/25/2003 +0100, Didi Rieder wrote: > >Hi, > > > >I would like to use cisco auth-proxy with freeradius-0.8.1. How can I > >configure > >this? (We used to use tacacs+) > > FreeRADIUS works very well with Cisco NAS ( 5x00 ) and other platforms. > > Is there something different about your situation that is not a typical > NAS/AAA setup? > > There is a doc in 'doc/cisco' that should cover basic AAA config for > a typical Cisco NAS. > > -Chris > -- > \\\|||/// \ StarNet Inc. \ Chris Parker > \ ~ ~ / \ WX *is* Wireless! \ Director, Engineering > | @ @ | \ http://www.starnetwx.net \ (847) 963-0116 > oOo---(_)---oOo--\------------------------------------------------------ > \ Wholesale Internet Services - http://www.megapop.net > > > > > --__--__-- > > Message: 4 > Subject: CISTRON vs. FreeRADIUS :: Extra Bit and/or Case Sensitivity > From: Ryan Beisner <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Cc: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>, > "[EMAIL PROTECTED]" > <[EMAIL PROTECTED]> > Date: 25 Feb 2003 09:02:24 -0600 > Reply-To: [EMAIL PROTECTED] > > Hi All- > > Well, this is slightly entertaining: > > ((this is not a FreeRADIUS mis-posting, please read on...)) > > I've been using FreeRADIUS for a few weeks on a USR Hiper Access 96 bank > dialup rack, authenticating with PAP. Randomly, a forward slash plus > three digits were being added to the password portion of the > authentication request. The FreeRADIUS forum folks said it was a glitch > in my W98 client(s) -- they were sometimes sending an extra bit of info > (?). While I could definitely buy the possibility that MS had once > again screwed up a standard protocol, I decided to try CISTRON RADIUSD. > > Guess what? > > No more /### at the end of passwords. Ok, so I don't have people saying > "sometimes it accepts my password, and sometimes it doesn't ... what's > going on?" Good deal. Yeah. > > But... > > > > In FreeRADIUS there is an option to alter the user name's case Before or > After authentication (failure). I have many users who (even though you > say to use lower case), continue to use a capital letter or two in their > login name. Since all users are entered into Linux as lower-case, the > authentication fails in CISTRON RADIUSD whereas it had passed in > FreeRADIUS. (Authentication method is System.) System is RH8. > > > > > ---== My question is: ==--- > > ---=== Can you force usernames to be rewritten in lowercase on the fly > using CISTRON like you can with FreeRADIUS? (ie. force lower case > before authentication attempt) > > > > > All help and comments on the subject will be greatly appreciated. > > TIA! > -Ryan Beisner > > > > > > > ... > > > > --__--__-- > > Message: 5 > From: "Alan DeKok" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: running freeradius on mips platform > Date: Tue, 25 Feb 2003 05:06:28 -0500 > Reply-To: [EMAIL PROTECTED] > > Jeffery <[EMAIL PROTECTED]> wrote: > > All my other programs are work fine and no messages like this. all the > > other application in freeradius, like check-config, radtest, are work > > fine. Only "radiusd" cannot work. > > radiusd is also the only program built with libtool. > > > Can you give any other suggestion? Or what you think the error probably > > occur reason. Thank you! > > Do: > > $ file /usr/local/sbin/radiusd > > and see what it says. Odds are that the binary is NOT built for > your platform. > > Alan DeKok. > > > --__--__-- > > Message: 6 > Date: Tue, 25 Feb 2003 16:12:30 +0100 > From: Didi Rieder <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: auth-proxy > Reply-To: [EMAIL PROTECTED] > > This message is in MIME format and has been PGP signed. > > --=_901a2e8513a39c2173e209 > Content-Type: text/plain; charset="ISO-8859-1" > Content-Disposition: inline > Content-Transfer-Encoding: quoted-printable > > Quoting Chris Parker <[EMAIL PROTECTED]>: > > > At 02:09 PM 2/25/2003 +0100, Didi Rieder wrote: > > >Hi, > > > > > >I would like to use cisco auth-proxy with freeradius-0.8.1. How can I > > >configure > > >this? (We used to use tacacs+) > >=20 > > FreeRADIUS works very well with Cisco NAS ( 5x00 ) and other platforms. > >=20 > > Is there something different about your situation that is not a typical > > NAS/AAA setup? > >=20 > > There is a doc in 'doc/cisco' that should cover basic AAA config for > > a typical Cisco NAS. > > Thanks for the answer, but could you give me a hint how to configure radius = > to > do this (I'm really a newbie) > > in tacacs conf we had something like the following: > > user =3D DEFAULT { > service =3D auth-proxy > { > priv-lvl =3D 15 > proxyacl#1 =3D "permit ip any xxx.xxx.0.0 0.0.255.255" > } > } > > Didi > > --=20 > ------------------------- > Didi Rieder > [EMAIL PROTECTED] > PGPKey ID: 3431D0B0 > ------------------------- > > > --=_901a2e8513a39c2173e209 > Content-Type: application/pgp-signature > Content-Description: PGP Digital Signature > Content-Disposition: inline > Content-Transfer-Encoding: 7bit > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (SunOS) > > iD8DBQA+W4fe5UTx/TQx0LARAvJaAKCR6GHRTngY1xZZbWE5LwsEP8hFPgCgt83n > RTI93XMbvPEUfJcMr2YF9ik= > =IL7C > -----END PGP SIGNATURE----- > > --=_901a2e8513a39c2173e209-- > > > > --__--__-- > > Message: 7 > From: "Alan DeKok" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: Free Radius and Inter Access Point Protocol (IAPP - 802.11f) > Date: Tue, 25 Feb 2003 05:06:58 -0500 > Reply-To: [EMAIL PROTECTED] > > "Mohit Bajpai" <[EMAIL PROTECTED]> wrote: > > Could you please let me know whether FreeRadius supports IAPP. > > No, it doesn't. > > No one is working on it, so far as I know. > > Alan DeKok. > > > --__--__-- > > Message: 8 > From: "Alan DeKok" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: CISTRON vs. FreeRADIUS :: Extra Bit and/or Case Sensitivity > Date: Tue, 25 Feb 2003 05:13:50 -0500 > Reply-To: [EMAIL PROTECTED] > > I *am* reading the freeradius-users list. Was there any need to > send an extra copy of the message to me, in addition to the list? > > Ryan Beisner <[EMAIL PROTECTED]> wrote: > > I've been using FreeRADIUS for a few weeks on a USR Hiper Access 96 bank > > dialup rack, authenticating with PAP. Randomly, a forward slash plus > > No, a back-slash. See your original post: > > http://www.mail-archive.com/[EMAIL PROTECTED]/msg13422.html > > > three digits were being added to the password portion of the > > authentication request. The FreeRADIUS forum folks said it was a glitch > > in my W98 client(s) -- they were sometimes sending an extra bit of info > > (?). > > Again, that's *not* what I said. See my response: > > http://www.mail-archive.com/[EMAIL PROTECTED]/msg13424.html > > > So it looks like it's a bug in FreeRADIUS. I'm still wondering why > no one else with a similar setup sees the same problem. > > Try grabbing the latest CVS snapshot of FreeRADIUS and running > that. Maybe there was a problem during compilation... > > > ---=== Can you force usernames to be rewritten in lowercase on the fly > > using CISTRON like you can with FreeRADIUS? (ie. force lower case > > before authentication attempt) > > Sure. Edit the source code. > > Alan DeKok. > > > --__--__-- > > Message: 9 > From: "Alan DeKok" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: auth-proxy > Date: Tue, 25 Feb 2003 05:16:31 -0500 > Reply-To: [EMAIL PROTECTED] > > Didi Rieder <[EMAIL PROTECTED]> wrote: > > Thanks for the answer, but could you give me a hint how to configure radius > > to do this (I'm really a newbie) > > Buy the RADIUS book. It describes common setups like this. > > Or, there's a file suspicially named 'proxy' in the 'doc' > directory. It might have something useful. > > Alan DeKok. > > > --__--__-- > > Message: 10 > Date: Tue, 25 Feb 2003 09:47:54 -0600 > From: Robert Canary <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: RV: freeradius-ldap is not running > Reply-To: [EMAIL PROTECTED] > > I don't _know_ it is wrong, I have only seen ldap dn (ones with access > to passwords) include a cn of the a user configures in the ACL to see > passwords. Your basedn dosen't have that, curious. > > Federico Edelman wrote: > >=20 > > Ok! But, I think, the freeradius should be warns me if the basedn has w= > rong. > > I don't like guest error. > > My basedn is that. > >=20 > > Why do you say the basedn is wrong? > >=20 > > Thanks very much. > > Fede > >=20 > > > -----Mensaje original----- > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > Enviado el: lunes, 24 de febrero de 2003 20:40 > > > Para: [EMAIL PROTECTED] > > > Asunto: Re: RV: freeradius-ldap is not running > > > > > > You have ldap configured in the radius. You have ldap configured to = > be > > > a default fall-through. I understand your ldap server is working fin= > e. > > > I'm saying the radius server isn't talking to the ldap server, _maybe= > _ > > > because the basedn is set wrong. > > > > > > Federico Edelman wrote: > > > > > > > > My LDAP server works fine. I'm using the LDAP server for other serv= > ices. > > > > > > > > > -----Mensaje original----- > > > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > > > Enviado el: lunes, 24 de febrero de 2003 15:35 > > > > > Para: [EMAIL PROTECTED] > > > > > Asunto: Re: RV: freeradius-ldap is not running > > > > > > > > > > I think you should look at your ldap server logs. Your "basedn" > > > dosen't > > > > > look right to me. I think it should be something like, > > > > > "cn=3Duser-that-can-read-passwords,dc=3Dexample,dc=3Dcom" > > > > > > > > > > Federico Edelman wrote: > > > > > > > > > > > > I can't get a response. > > > > > > Somebody know about this trouble? > > > > > > > > > > > > -----Mensaje original----- > > > > > > De: Federico Edelman > > > > > > Enviado el: jueves, 20 de febrero de 2003 10:29 > > > > > > Para: [EMAIL PROTECTED] > > > > > > Asunto: RE: freeradius-ldap is not running > > > > > > > > > > > > Robert: > > > > > > This is the complete log file. > > > > > > > > > > > > > -----Mensaje original----- > > > > > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > > > > > Enviado el: mi=E9rcoles, 19 de febrero de 2003 17:54 > > > > > > > Para: [EMAIL PROTECTED] > > > > > > > Asunto: Re: freeradius-ldap is not running > > > > > > > > > > > > > > Why did you snip-it? We need the rest of the lof file. > > > > > > > > > > > > > > Do this radiusd -X >/var/log/radiusd_dbg_con.log > > > > > > > > > > > > > > It is esasier to capture the error messages that way. > > > > > > > > > > > > > > Also what shows up in your freeradius logs during this time? > > > > > > > > > > > > > > Federico Edelman wrote: > > > > > > > > > > > > > > > > Hi guys, > > > > > > > > I'm newbie with freeradius. I'm running freeradius-= > 0.8.1 > > > on > > > > > > > > Linux Debian 3.1. The LDAP server/client is openldap-2.1.12. > > > > > > > > > > > > > > > > I've compiled the freeradius with: > > > > > > > > > > > > > > > > # LD_LIBRARY_PATH=3D"/usr/local/openldap/lib:/usr/local/lib= > " > > > > > > > > # LDFLAGS=3D"-L/usr/local/openldap/lib -L/usr/local/lib" > > > > > > > > # CFLAGS=3D"-O -g -I/usr/local/openldap/include - > > > I/usr/local/include" > > > > > > > > # CC=3D"gcc" > > > > > > > > # export LD_LIBRARY_PATH LDFLAGS CFLAGS CC > > > > > > > > # ./configure --prefix=3D/usr/local/freeradius --with- > > > > > > > > openldap=3D/usr/local/openldap > > > > > > > > # make > > > > > > > > # make install > > > > > > > > > > > > > > > > All's ok. > > > > > > > > > > > > > > > > I've run: > > > > > > > > # /usr/local/freeradius/sbin/radiusd -X > > > > > > > > And... > > > > > > > > # /usr/local/freeradius/bin/radtest > > > > > > > > > > > > > > > > All's ok. The radtest connect with radiusd successfully. > > > > > > > > > > > > > > > > But, When I setting up the radius with LDAP support the rad= > iusd > > > exit > > > > > and > > > > > > > > not running. > > > > > > > > > > > > > > > > The radius ldap configuration: > > > > > > > > > > > > > > > > My /usr/local/freeradius/etc/raddb/radiusd.conf: > > > > > > > > ---- snip snip ---- > > > > > > > > ldap { > > > > > > > > server =3D "myldapserver" > > > > > > > > basedn =3D "ou=3Dpeople,dc=3Drootldap" > > > > > > > > filter =3D "((posixAccount)(uid=3D%u))" > > > > > > > > start_tls =3D no > > > > > > > > tls_mode =3D no > > > > > > > > dictionary_mapping =3D ${raddbdir}/ldap.att= > rmap > > > > > > > > ldap_connections_number =3D 5 > > > > > > > > timeout =3D 4 > > > > > > > > timelimit =3D 3 > > > > > > > > net_timeout =3D 1 > > > > > > > > } > > > > > > > > authenticate { > > > > > > > > authtype LDAP { > > > > > > > > ldap > > > > > > > > } > > > > > > > > } > > > > > > > > ---- snip snip ---- > > > > > > > > my /usr/local/freeradius/etc/raddb/dictionary: > > > > > > > > ---- snip snip ---- > > > > > > > > # > > > > > > > > # Non-Protocol Integer Translations > > > > > > > > # > > > > > > > > > > > > > > > > VALUE Auth-Type Local > > > 0 > > > > > > > > VALUE Auth-Type System > > > 1 > > > > > > > > VALUE Auth-Type SecurID > > > 2 > > > > > > > > VALUE Auth-Type Crypt-Local > > > 3 > > > > > > > > VALUE Auth-Type Reject > > > 4 > > > > > > > > VALUE Auth-Type ActivCard > > > 4 > > > > > > > > VALUE Auth-Type LDAP > > > 5 > > > > > > > > ---- snip snip ---- > > > > > > > > my /usr/local/freeradius/etc/raddb/users: > > > > > > > > ---- snip snip ---- > > > > > > > > DEFAULT Auth-Type :=3D LDAP > > > > > > > > Fall-Through =3D 1 > > > > > > > > ---- snip snip ---- > > > > > > > > > > > > > > > > My ldif user: > > > > > > > > > > > > > > > > ---- snip snip ---- > > > > > > > > dn: uid=3Dtest,ou=3Dpeople,dc=3Dclaxson > > > > > > > > objectClass: top > > > > > > > > objectClass: account > > > > > > > > objectClass: posixAccount > > > > > > > > ou: people > > > > > > > > uid: test > > > > > > > > cn: TestUser > > > > > > > > loginShell: /bin/bash > > > > > > > > homeDirectory: /home/test > > > > > > > > gecos: Test User > > > > > > > > uidNumber: 1001 > > > > > > > > gidNumber: 1001 > > > > > > > > userPassword: {crypt}XXXXXXX > > > > > > > > ---- snip snip ---- > > > > > > > > > > > > > > > > When I run "radiusd -X" I get this: > > > > > > > > ---- snip snip ---- > > > > > > > > . > > > > > > > > . > > > > > > > > . > > > > > > > > Module: Loaded radutmp > > > > > > > > radutmp: filename =3D > > > "/usr/local/freeradius/var/log/radius/radutmp" > > > > > > > > radutmp: username =3D "%{User-Name}" > > > > > > > > radutmp: perm =3D 384 > > > > > > > > radutmp: callerid =3D yes > > > > > > > > Module: Instantiated radutmp (radutmp) > > > > > > > > main: smux_password =3D "" > > > > > > > > main: snmp_write_access =3D no > > > > > > > > SMUX connect try 1 > > > > > > > > SMUX open oid: 1.3.6.1.4.1.3317.1.3.1 > > > > > > > > SMUX open progname: radiusd > > > > > > > > SMUX open password: > > > > > > > > SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1 > > > > > > > > SMUX register priority: -1 > > > > > > > > SMUX register operation: 1 > > > > > > > > SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1 > > > > > > > > SMUX register priority: -1 > > > > > > > > SMUX register operation: 1 > > > > > > > > ---- snip snip ---- > > > > > > > > > > > > > > > > And... exit and radiusd isn't running. > > > > > > > > > > > > > > > > What can I do wrong? Any idea? > > > > > > > > > > > > > > > > Thanks very much. > > > > > > > > > > > > > > > > Federico > > > > > > > > > > > > > > > > - > > > > > > > > List info/subscribe/unsubscribe? See > > > > > > > http://www.freeradius.org/list/users.html > > > > > > > > > > > > > > - > > > > > > > List info/subscribe/unsubscribe? See > > > > > > > http://www.freeradius.org/list/users.html > > > > > > > > > > > > -------------------------------------------------------------= > ----- > > > ---- > > > > > -- > > > > > > Name: freeradius.log > > > > > > freeradius.log Type: LOG File (application/x-unknown- > > > content- > > > > > type-log_auto_file) > > > > > > Encoding: base64 > > > > > > Description: freeradius.log > > > > > > > > > > - > > > > > List info/subscribe/unsubscribe? See > > > > > http://www.freeradius.org/list/users.html > > > > > > > > - > > > > List info/subscribe/unsubscribe? See > > > http://www.freeradius.org/list/users.html > > > > > > - > > > List info/subscribe/unsubscribe? See > > > http://www.freeradius.org/list/users.html > >=20 > > - > > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/use= > rs.html > > > > --__--__-- > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > End of Freeradius-Users Digest > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
