Dustin,
rad_recv: Access-Request packet from host 130.194.999.999:1365, id=2,
length=47
User-Name = "blaich"
User-Password = "mypassword"
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
rlm_realm: No '@' in User-Name = "blaich", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
users: Matched DEFAULT at 76
modcall[authorize]: module "files" returns ok for request 2
rlm_ldap: - authorize
rlm_ldap: performing user authorization for blaich
radius_xlat:
'(&(uid=blaich)(|(allowedhosts=modem*)(allowedhosts=adm*)))'
radius_xlat: 'o=Monash Uni,c=AU'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in o=Monash Uni,c=AU, with filter
(&(uid=blaich)(|(allowedhosts=modem*)(allowedhosts=adm*)))
rlm_ldap: checking if remote access for blaich is allowed by
allowedhosts
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: Adding allowedhosts as testAtr, value modempool1 & op=11
rlm_ldap: Adding allowedhosts as testAtr, value modempool2 & op=11
rlm_ldap: user blaich authorized to use remote access
ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 2
modcall: group authorize returns ok for request 2
rad_check_password: Found Auth-Type ldap
auth: type "LDAP"
modcall: entering group Auth-Type for request 2
rlm_ldap: - authenticate
rlm_ldap: login attempt by "blaich" with password "mypassword"
rlm_ldap: user DN: cn=Paul Blaich, ou=IT Services, ou=Staff, o=Monash
Uni, c=au
rlm_ldap: (re)connect to directory.monash.edu.au:389, authentication 1
rlm_ldap: bind as cn=Paul Blaich, ou=IT Services, ou=Staff, o=Monash
Uni, c=au/mypassword to dir.monash.edu.au:389
rlm_ldap: waiting for bind result ...
rlm_ldap: user blaich authenticated succesfully
modcall[authenticate]: module "ldap" returns ok for request 2
modcall: group Auth-Type returns ok for request 2
Login OK: [blaich] (from client eeyore port 0)
Sending Access-Accept of id 2 to 130.194.999.999:1365
Finished request 2
Dustin Doris wrote:
>
> Can you paste the radiusd -X debug info?
>
> On Tue, 2 Mar 2004, Paul Blaich wrote:
>
> > Hi All
> >
> > I want FreeRadius to include with the Access-Accept packet that it sends
> > back some information that it reads from our LDAP directory (which is
> > authenticating our users based on 3 values that could be contained in an
> > attribute at the moment)
> >
> > Is this possible? I did setup (in ldap.attrmap)
> > replyItem testAtr allowedhosts
> >
> > which shows (during user authentication session in a debug load of
> > radiusd):
> >
> > rlm_ldap: Adding allowedhosts as testAtr, value modempool1 & op=11
> > rlm_ldap: Adding allowedhosts as testAtr, value modempool2 & op=11
> >
> > but the test program (NTRadPing Test Utility) is not showing that the
> > testAtr is being passed back.
> >
> > Any ideas?
> >
> > Thanks
> > Paul
> >
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> >
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
