Thanks Tom, but what do I need to do? In my LDAP I have created the user 888888888881 with the password izadisan TODAY, so I don't know why freeradius tells me "password has expired". Do you know how freeradius gets the password from LDAP???
Thanks in advance

José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060

----- Original Message -----
From: "Tom Rixom" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 23, 2004 5:19 PM
Subject: RE: Alfa&Ariss Client Heeeeeeeeeeeeelp!!!!!!!

> Hello,
>
> At the end of the log file the following statement might ring a bell:
>
> > Cleaning up request 22 ID 11 with timestamp 403a2289
> > Sending Access-Reject of id 12 to 192.168.49.252:1225
> >         Reply-Message += "Password Has Expired\r\n"
> > Waking up in 4 seconds...
>
> Password has expired....?
>
> Tom Rixom
> SecureW2
>
> > -----Original Message-----
> > From: José Luis Solano [mailto:[EMAIL PROTECTED]
> > Sent: Monday, February 23, 2004 5:10 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Alfa&Ariss Client Heeeeeeeeeeeeelp!!!!!!!
> >
> > Hi all,
> >
> > Lionel, Jean-Paul and family I have had the changes and currently I think I
> > have the same configuration as Lionel and Jean-Paul, but my freeradius
> > doesn't run with TTLS and LDAP, the freeradius error is the following:
> >
> > Note these lines:
> > rlm_ldap: user 888888888881 authorized to use remote access
> > ldap_release_conn: Release Id: 0
> > modcall[authorize]: module "ldap" returns ok for request 22
> > modcall: group authorize returns updated for request 22
> > auth: Failed to validate the user.
> >
> > I think the user 888888888881 is authorized but NOT authenticated, isn't
> > it?
> >
> > I remind you I use Secure W2 client. (PAP)
> >
> > thanks in advance
> >
> > [EMAIL PROTECTED] /]# rad_recv: Access-Request packet from host 192.168.49.252:1225, id=10, length=146
> >         User-Name = "888888888881"
> >         NAS-IP-Address = 192.168.49.252
> >         NAS-Port = 0
> >         Called-Station-Id = "00-80-C8-01-01-55"
> >         Calling-Station-Id = "00-0B-46-26-1C-44"
> >         NAS-Identifier = "DWL-1000AP+"
> >         Framed-MTU = 1380
> >         NAS-Port-Type = Wireless-802.11
> >         EAP-Message = 0x0201001101383838383838383838383831
> >         Message-Authenticator = 0xf5bdbb8b3ae83b0daec8d12cdaa2ecb3
> > modcall: entering group authorize for request 21
> > modcall[authorize]: module "preprocess" returns ok for request 21
> > modcall[authorize]: module "chap" returns noop for request 21
> > modcall[authorize]: module "mschap" returns noop for request 21
> > rlm_realm: No '@' in User-Name = "888888888881", looking up realm NULL
> > rlm_realm: No such realm "NULL"
> > modcall[authorize]: module "suffix" returns noop for request 21
> > rlm_eap: EAP packet type response id 1 length 17
> > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
> > modcall[authorize]: module "eap" returns updated for request 21
> > users: Matched DEFAULT at 152
> > modcall[authorize]: module "files" returns ok for request 21
> > rlm_ldap: - authorize
> > rlm_ldap: performing user authorization for 888888888881
> > radius_xlat: '(uid=888888888881)'
> > radius_xlat: 'ou=Wireless,dc=sgi,dc=es'
> > ldap_get_conn: Got Id: 0
> > rlm_ldap: performing search in ou=Wireless,dc=sgi,dc=es, with filter (uid=888888888881)
> > rlm_ldap: looking for check items in directory...
> > rlm_ldap: Adding radiusExpiration as Expiration, value 22 & op=21
> > rlm_ldap: Adding radiusAuthType as Auth-Type, value EAP & op=21
> > rlm_ldap: looking for reply items in directory...
> > rlm_ldap: user 888888888881 authorized to use remote access
> > ldap_release_conn: Release Id: 0
> > modcall[authorize]: module "ldap" returns ok for request 21
> > modcall: group authorize returns updated for request 21
> > auth: Failed to validate the user.
> > Delaying request 21 for 1 seconds
> > Finished request 21
> > Going to the next request
> > --- Walking the entire request list ---
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Sending Access-Reject of id 10 to 192.168.49.252:1225
> >         Reply-Message += "Password Has Expired\r\n"
> > Waking up in 4 seconds...
> > rad_recv: Access-Request packet from host 192.168.49.252:1225, id=11, length=146
> >         User-Name = "888888888881"
> >         NAS-IP-Address = 192.168.49.252
> >         NAS-Port = 0
> >         Called-Station-Id = "00-80-C8-01-01-55"
> >         Calling-Station-Id = "00-0B-46-26-1C-44"
> >         NAS-Identifier = "DWL-1000AP+"
> >         Framed-MTU = 1380
> >         NAS-Port-Type = Wireless-802.11
> >         EAP-Message = 0x0201001101383838383838383838383831
> >         Message-Authenticator = 0xa2461b4adf3829ef9cc8c9d10cc37033
> > modcall: entering group authorize for request 22
> > modcall[authorize]: module "preprocess" returns ok for request 22
> > modcall[authorize]: module "chap" returns noop for request 22
> > modcall[authorize]: module "mschap" returns noop for request 22
> > rlm_realm: No '@' in User-Name = "888888888881", looking up realm NULL
> > rlm_realm: No such realm "NULL"
> > modcall[authorize]: module "suffix" returns noop for request 22
> > rlm_eap: EAP packet type response id 1 length 17
> > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
> > modcall[authorize]: module "eap" returns updated for request 22
> > users: Matched DEFAULT at 152
> > modcall[authorize]: module "files" returns ok for request 22
> > rlm_ldap: - authorize
> > rlm_ldap: performing user authorization for 888888888881
> > radius_xlat: '(uid=888888888881)'
> > radius_xlat: 'ou=Wireless,dc=sgi,dc=es'
> > ldap_get_conn: Got Id: 0
> > rlm_ldap: performing search in ou=Wireless,dc=sgi,dc=es, with filter (uid=888888888881)
> > rlm_ldap: looking for check items in directory...
> > rlm_ldap: Adding radiusExpiration as Expiration, value 22 & op=21
> > rlm_ldap: Adding radiusAuthType as Auth-Type, value EAP & op=21
> > rlm_ldap: looking for reply items in directory...
> > rlm_ldap: user 888888888881 authorized to use remote access
> > ldap_release_conn: Release Id: 0
> > modcall[authorize]: module "ldap" returns ok for request 22
> > modcall: group authorize returns updated for request 22
> > auth: Failed to validate the user.
> > Delaying request 22 for 1 seconds
> > Finished request 22
> > Going to the next request
> > --- Walking the entire request list ---
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Cleaning up request 21 ID 10 with timestamp 403a2284
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Sending Access-Reject of id 11 to 192.168.49.252:1225
> >         Reply-Message += "Password Has Expired\r\n"
> > Waking up in 4 seconds...
> > rad_recv: Access-Request packet from host 192.168.49.252:1225, id=12, length=146
> >         User-Name = "888888888881"
> >         NAS-IP-Address = 192.168.49.252
> >         NAS-Port = 0
> >         Called-Station-Id = "00-80-C8-01-01-55"
> >         Calling-Station-Id = "00-0B-46-26-1C-44"
> >         NAS-Identifier = "DWL-1000AP+"
> >         Framed-MTU = 1380
> >         NAS-Port-Type = Wireless-802.11
> >         EAP-Message = 0x0201001101383838383838383838383831
> >         Message-Authenticator = 0xe2a546a1d8596e1437b9d629a2e8a7de
> > modcall: entering group authorize for request 23
> > modcall[authorize]: module "preprocess" returns ok for request 23
> > modcall[authorize]: module "chap" returns noop for request 23
> > modcall[authorize]: module "mschap" returns noop for request 23
> > rlm_realm: No '@' in User-Name = "888888888881", looking up realm NULL
> > rlm_realm: No such realm "NULL"
> > modcall[authorize]: module "suffix" returns noop for request 23
> > rlm_eap: EAP packet type response id 1 length 17
> > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
> > modcall[authorize]: module "eap" returns updated for request 23
> > users: Matched DEFAULT at 152
> > modcall[authorize]: module "files" returns ok for request 23
> > rlm_ldap: - authorize
> > rlm_ldap: performing user authorization for 888888888881
> > radius_xlat: '(uid=888888888881)'
> > radius_xlat: 'ou=Wireless,dc=sgi,dc=es'
> > ldap_get_conn: Got Id: 0
> > rlm_ldap: performing search in ou=Wireless,dc=sgi,dc=es, with filter (uid=888888888881)
> > rlm_ldap: looking for check items in directory...
> > rlm_ldap: Adding radiusExpiration as Expiration, value 22 & op=21
> > rlm_ldap: Adding radiusAuthType as Auth-Type, value EAP & op=21
> > rlm_ldap: looking for reply items in directory...
> > rlm_ldap: user 888888888881 authorized to use remote access
> > ldap_release_conn: Release Id: 0
> > modcall[authorize]: module "ldap" returns ok for request 23
> > modcall: group authorize returns updated for request 23
> > auth: Failed to validate the user.
> > Delaying request 23 for 1 seconds
> > Finished request 23
> > Going to the next request
> > --- Walking the entire request list ---
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Cleaning up request 22 ID 11 with timestamp 403a2289
> > Sending Access-Reject of id 12 to 192.168.49.252:1225
> >         Reply-Message += "Password Has Expired\r\n"
> > Waking up in 4 seconds...
> > --- Walking the entire request list ---
> > Cleaning up request 23 ID 12 with timestamp 403a228d
> > Nothing to do. Sleeping until we see a request.
> >
> > José Luis Solano
> > SGI - Soluciones Globales Internet S.A.
> > Delegación Regional Sur
> > [EMAIL PROTECTED]
> > (+34) 954.088.060
> > ----- Original Message -----
> > From: "José Luis Solano" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Monday, February 23, 2004 4:06 PM
> > Subject: Re: Alfa&Ariss Client Heeeeeeeeeeeeelp!!!!!!!
> >
> > > Thanks Alan!!!
> > >
> > > José Luis Solano
> > > SGI - Soluciones Globales Internet S.A.
> > > Delegación Regional Sur
> > > [EMAIL PROTECTED]
> > > (+34) 954.088.060
> > > ----- Original Message -----
> > > From: "Alan DeKok" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Monday, February 23, 2004 3:18 PM
> > > Subject: Re: Alfa&Ariss Client Heeeeeeeeeeeeelp!!!!!!!
> > >
> > > > José Luis Solano <[EMAIL PROTECTED]> wrote:
> > > > > -have you changed anything in dictionary file?
> > > >
> > > > Don't edit the dictionary files. 99.99999% of the time, it's the
> > > > wrong thing to do.
> > > >
> > > > Alan DeKok.
> > > >
> > > > -
> > > > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
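
Added example, not part of the original thread: a Python triage script that pairs each Access-Reject in a FreeRADIUS debug log with the check items rlm_ldap added for that packet, so a "Password Has Expired" reject can be traced to the LDAP attribute mapped to the Expiration check item (in the log above, radiusExpiration with value 22). The log excerpt is constructed in the format quoted above; the function name and result keys are hypothetical.

```python
import re

# Constructed sample: a shortened excerpt in the format of the debug log quoted
# above, including the mail-quoting prefix that the parser has to tolerate.
SAMPLE_LOG = """\
> > rad_recv: Access-Request packet from host 192.168.49.252:1225, id=10, length=146
> >         User-Name = "888888888881"
> > modcall: entering group authorize for request 21
> > rlm_ldap: Adding radiusExpiration as Expiration, value 22 & op=21
> > rlm_ldap: Adding radiusAuthType as Auth-Type, value EAP & op=21
> > rlm_ldap: user 888888888881 authorized to use remote access
> > auth: Failed to validate the user.
> > Sending Access-Reject of id 10 to 192.168.49.252:1225
> >         Reply-Message += "Password Has Expired\\r\\n"
"""

RECV = re.compile(r"rad_recv: Access-Request packet from host [^,]+, id=(\d+)")
USER = re.compile(r'User-Name = "([^"]*)"')
LDAP_ITEM = re.compile(r"rlm_ldap: Adding (\S+) as (\S+), value (.*) & op=\d+")
REJECT = re.compile(r"Sending Access-Reject of id (\d+)")
REPLY = re.compile(r'Reply-Message \+= "(.*)"')

def explain_rejects(log):
    """Pair every Access-Reject with the check items rlm_ldap added for that packet."""
    packets, current, rejected, findings = {}, None, None, []
    for raw in log.splitlines():
        line = raw.lstrip("> \t").rstrip()      # drop mail quoting and indentation
        if m := RECV.search(line):
            current = packets[m.group(1)] = {"user": None, "ldap_items": {}}
            rejected = None
        elif m := REJECT.search(line):
            rejected = (m.group(1), packets.get(m.group(1)))
        elif rejected and (m := REPLY.match(line)):
            pkt_id, pkt = rejected
            items = pkt["ldap_items"] if pkt else {}
            findings.append({
                "packet_id": pkt_id,
                "user": pkt["user"] if pkt else None,
                "reply": m.group(1).replace("\\r\\n", ""),
                # (LDAP attribute, value) behind the Expiration check item, if any
                "expiration_source": items.get("Expiration"),
                "ldap_items": items,
            })
            rejected = None
        elif current is not None:
            if m := USER.match(line):           # attribute line of the request
                current["user"] = m.group(1)
            elif m := LDAP_ITEM.search(line):   # check item pulled from LDAP
                current["ldap_items"][m.group(2)] = (m.group(1), m.group(3))
    return findings

if __name__ == "__main__":
    for f in explain_rejects(SAMPLE_LOG):
        print(f["packet_id"], f["user"], repr(f["reply"]), f["expiration_source"])
```

A non-empty `expiration_source` next to a "Password Has Expired" reply points at the directory entry's expiration attribute rather than at the user's password.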

