Re: ldap config problems

[Leo Edmiston-Cyr]

Barry Haycock wrote:

can i have multiple authentication schemes such as ldap, unix etc???
I'm not sure -- I only user one.  ldap.  In case it helps I have the 
following authorize and authenticate sections of my radiusd.conf:

authorize {
   ldap
}
authenticate {
   ldap
}
AND an empty users file...

It looks like the LDAP part goes well for you.  Check the other 
module(s) you have listed in those sections.

lm_ldap: (re)connect to chronos.pigsarse.net:8127:389, authentication 0
rlm_ldap: bind as cn=directory manager/xxxxxxxx to 
chronos.pigsarse.net:8127:389
rlm_ldap: waiting for bind result ...
rlm_ldap: performing search in ou=People,dc=pigsarse,dc=net, with 
filter (uid=Bazoo)
rlm_ldap: Added password 
{SSHA}zBWrzWqkaEe7MYBFvrBh725BazBDDJ0DP3QGPQ== in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user Bazoo authorized to use remote access  <-- authorized
ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok
modcall: group authorize returns ok
  rad_check_password:  Found Auth-Type System
auth: type "System"
modcall: entering group authenticate
  modcall[authenticate]: module "unix" returns notfound
modcall: group authenticate returns notfound
auth: Failed to validate the user.                                
Login incorrect: [Bazoo/xxxxxx] (from client private-network-2 port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
 
here is a copy of my radiusd.conf file ldap section i can send the 
whole file if needed.
ldap {
                server = "chronos.pigsarse.net:8127"
                identity = "cn=directory manager"
                password = "xxxxxxxx"
                basedn = "ou=People,dc=pigsarse,dc=net"
                filter = "(uid=%u)"
                start_tls = no
                tls_mode = no
                dictionary_mapping = ${raddbdir}/ldap.attrmap
                ldap_connections_number = 5
                password_attribute = userPassword
                timeout = 4
                timelimit = 3
                net_timeout = 1

------------------------------------------------------------------------
*Yahoo! Mobile* 
<http://au.rd.yahoo.com/mail/tagline/?http://au.mobile.yahoo.com/sms/mail/index.html>
- Check & compose your email via SMS on your Telstra or Vodafone mobile. 




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html