On Fri, 7 Mar 2003, Robert Morse wrote:
>
>
> Kostas Kalevras wrote:
>
> >On Thu, 6 Mar 2003, Robert Morse wrote:
> >
> >
> >
> >>checking for ldap_init in -lldap_r... no
> >>
> >>
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> >So do you have libldap_r in /opt/local/openldap/lib? Does it work correctly?
> >
>
> Kostas,
>
> As it turns out, the libs were not in the correct place. I recompiled
> and installed
> the openldap sdk and now the configure works.
>
> Now I am trying to do some radtest commands to test it out. I find the
> documentation
> a little lacking on configuring for ldap auth. Does anybody know of a
> "good" document
> that would walk me through the configuration steps for this?
Other than doc/rlm_ldap no there isn't. If you find it lacking please do submit
a patch to make it better.
>
> Here is the radtest command I use:
>
> radtest test_user <password> localhost:1645 0 testingtesting
>
> and here is the output of that command:
>
> Sending Access-Request of id 97 to 127.0.0.1:1645
> User-Name = "test_user"
> User-Password = "r\n\374A-\242Fn\047gR\234\201\r\026\255"
> NAS-IP-Address = radius.test.brown.edu
> NAS-Port = 0
> rad_recv: Access-Reject packet from host 127.0.0.1:1645, id=97, length=20
>
> I started the radisud with the -X switch, and here is the output when I
> run that
> radtest command:
>
> rad_recv: Access-Request packet from host 127.0.0.1:44398, id=97, length=59
> User-Name = "test_user"
> User-Password = "******"
> NAS-IP-Address = 255.255.255.255
> NAS-Port = 0
> modcall: entering group authorize
> modcall[authorize]: module "preprocess" returns ok
> modcall: group authorize returns ok
> rad_check_password: Found Auth-Type LDAP
> auth: type "LDAP"
> auth: Failed to validate the user.
> Delaying request 1 for 1 seconds
> Finished request 1
In the sample radiusd.conf:
# Uncomment it if you want to use ldap for authentication
# authtype LDAP {
# ldap
# }
What does your authenticate section look like?
>
> I can see that the error "auth: Failed to validate the user." is telling
> me that
> it failed, but I am not sure exactly where it failed.
>
> I am sure that the passwords I am using are correct. I can do an ldapsearch
> command and authorize as the test_user on the command line, so I know that
> works. I think I have some configuration issues. I am looking at some
> documents
> I found on the net, but none that have helped so far.
>
> Any help is appreciated.
>
> Thanks.
>
>
>
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
