|
I want to connect the RAdius server to Active
directory for doing authentication, but I encountered a problem
in passing the Password to the Active
directory server.
The following is part of the radiusd.conf
file:
ldap
{
server = "192.168.250.25" identity = "CN=cbhoh,CN=Users,DC=example,DC=com" password="%{User-Password}" # identity = "cn=admin,o=My Org,c=UA" # password = mypass basedn = "CN=cbhoh,CN=Users,DC=example,DC=com" #filter = "(CN=%{Stripped-User-Name:-%{User-Name}})" filter = "(CN=%{Stripped-User-Name:-%{User-Name}})" By running the command, ./radtest cbhoh cbhoh123
127.0.0.1:8000 10 testing123, then authentication fails, and
the following is the log details from
radiusd:
modcall: group authorize returns ok for
request 0
rad_check_password: Found Auth-Type LDAP auth: type "LDAP" modcall: entering group Auth-Type for request 0 rlm_ldap: - authenticate rlm_ldap: login attempt by "cbhoh" with password "cbhoh123" radius_xlat: '(CN=cbhoh)' radius_xlat: 'CN=cbhoh,CN=Users,DC=example,DC=com' ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to 192.168.250.25:389, authentication 0 rlm_ldap: bind as CN=cbhoh,CN=Users,DC=example,DC=com/%{User-Password} to 192.168.250.25:389 rlm_ldap: waiting for bind result ... rlm_ldap: LDAP login failed: check login, password settings in ldap section of radiusd.conf rlm_ldap: (re)connection attempt failed ldap_release_conn: Release Id: 0 modcall[authenticate]: module "ldap" returns fail for request 0 modcall: group Auth-Type returns fail for request 0 auth: Failed to validate the user. As the log details show that the
%{User-Password} doesn't substituted with the correct value for password passed
by radtest
Is there any idea.. maybe i miss out
something..
regards,
- HOH
|
