On Mon, 24 May 2004, Michael Schwartzkopff wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I have setup a RADIUS/LDAP system according to the ldap_howto.txt of Dusty
> Doris. But I have problems authenticating the users. When I do
>
> radtest example test localhost 1 testing123
>
> I get "Access-Reject". The log of RADIUS tells me that authentication from
> LDAP went wrong:
>
> rlm_ldap: Added password test in check items
> rlm_ldap: looking for check items in directory...
> rlm_ldap: looking for reply items in directory...
> rlm_ldap: user example authorized to use remote access
> ldap_release_conn: Release Id: 0
>   modcall[authorize]: module "ldap" returns ok for request 0
> modcall: group authorize returns ok for request 0
>   rad_check_password:  Found Auth-Type Reject
>   rad_check_password: Auth-Type = Reject, rejecting user

You somehow configured the Auth-Type to be Reject. Fix that and things should
work.

> auth: Failed to validate the user.
> Login incorrect: [example/test] (from client localhost port 1)
>
> But
>
> ldapcompare -x "uid=example,ou=users,ou=radius,dc=multinet,dc=de" \
> userPassword:test
>
> gives TRUE. What might be wrong? Any idea?
>
> - --
> Dr. Michael Schwartzkopff
> MultiNET Services GmbH
> Bretonischer Ring 7
> 85630 Grasbrunn
>
> Tel: (+49 89) 456 911 - 0
> Fax: (+49 89) 456 911 - 21
> mob: (+49 174) 343 28 75
>
> PGP-ID: 15F925D9CEF94F2C
> Fingerprint: AF27 2674 4631 E230 B431  F68D 15F9 25D9 CEF9 4F2C
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
>
> iD8DBQFAsdLKFfkl2c75TywRAlDFAJ4gsjUwQQWsyxIDRIzZ1DsAdi2zOACfUhME
> ctz+3GknNLp7bK7hT28sVn4=
> =cOVS
> -----END PGP SIGNATURE-----
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

--
Kostas Kalevras         Network Operations Center
[EMAIL PROTECTED]       National Technical University of Athens, Greece
Work Phone:             +30 210 7721861
'Go back to the shadow' Gandalf

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to