command:  radtest arookie ******** localhost 1 sharedsecret

response:  rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=61, length=20

snapshot of radiusd -X -A

rad_recv: Access-Request packet from host 127.0.0.1:32847, id=53, length=59
        User-Name = "arookie"
        User-Password = "*********"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: No '@' in User-Name = "arookie", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 1
    users: Matched DEFAULT at 152
    users: Matched DEFAULT at 155
  modcall[authorize]: module "files" returns ok for request 1
rlm_ldap: - authorize
rlm_ldap: performing user authorization for arookie
radius_xlat:  '(uid=arookie)'
radius_xlat:  'cn'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in cn, with filter (uid=arookie)
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user arookie authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 1
modcall: group authorize returns ok for request 1
  rad_check_password:  Found Auth-Type System
auth: type "System"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
  modcall[authenticate]: module "unix" returns notfound for request 1
modcall: group authenticate returns notfound for request 1
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1

Q. Did the LDAP server properly authenticate the user and allow access? If so, why was the final result Access-Reject?





Kostas Kalevras <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
09/16/2004 02:16 PM
Please respond to: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:
Subject: Re: lotus notes ldap





On Wed, 15 Sep 2004, J.R. Cabanban wrote:

> We just turned on the LDAP (v3 enable) server feature on our lotus
> notes...
> env... rh7.3 & freeradius 1.0
> read all howto "freeradius & ldap" that I could find in the web...
> The ldap server is being queried by freeradius but could not authenticate any
> ldap defined users...
> The ldap server is working - an hp760wl is authenticating properly...
> Any direction or things to try are greatly appreciated...

Run the server in debug mode (radiusd -X) to see exactly what's happening.

>
> Thank You...
>
>

--
Kostas Kalevras                                  Network Operations Center
[EMAIL PROTECTED]                 National Technical University of Athens, Greece
Work Phone:                                  +30 210 7721861
'Go back to the shadow'                 Gandalf

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
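
An added example, not part of the original messages: a small Python parser for the `radiusd -X` output format shown in the trace above, listing what each module returned in each section next to the Auth-Type that was chosen. The function names and the embedded sample (an excerpt of that trace, trimmed) are assumptions of this example.

```python
import re

# Excerpt of the radiusd -X trace from the message above (trimmed).
# Lines without a request id are attributed to the most recent request seen.
SAMPLE = '''\
modcall: entering group authorize for request 1
  modcall[authorize]: module "files" returns ok for request 1
  modcall[authorize]: module "ldap" returns ok for request 1
modcall: group authorize returns ok for request 1
  rad_check_password:  Found Auth-Type System
modcall: entering group authenticate for request 1
  modcall[authenticate]: module "unix" returns notfound for request 1
modcall: group authenticate returns notfound for request 1
auth: Failed to validate the user.
'''

MODULE_RE = re.compile(r'modcall\[(\w+)\]: module "([^"]+)" returns (\w+) for request (\d+)')
AUTH_TYPE_RE = re.compile(r'rad_check_password:\s+Found Auth-Type (\S+)')

def summarize(trace):
    """Map request id -> per-section module results, chosen Auth-Type, failure flag."""
    requests, current = {}, None
    for line in trace.splitlines():
        m = MODULE_RE.search(line)
        if m:
            section, module, rcode, req = m.groups()
            current = requests.setdefault(
                int(req), {"sections": {}, "auth_type": None, "failed": False})
            current["sections"].setdefault(section, []).append((module, rcode))
            continue
        if current is None:
            continue  # nothing to attach this line to yet
        m = AUTH_TYPE_RE.search(line)
        if m:
            current["auth_type"] = m.group(1)
        elif "auth: Failed to validate the user" in line:
            current["failed"] = True
    return requests

def report(trace):
    """Render one summary line per request, then one line per section."""
    lines = []
    for req, info in sorted(summarize(trace).items()):
        lines.append(f"request {req}: Auth-Type={info['auth_type']} failed={info['failed']}")
        for section, results in info["sections"].items():
            lines.append(f"  {section}: " + ", ".join(f"{m}={r}" for m, r in results))
    return lines

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```

On the trace above this reports `ldap=ok` under authorize, while the authenticate section, run with Auth-Type System, contains only `unix=notfound`.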
