hi
i like to authenticate with my AD over peap/mschapv2... but i become
following error... my clients are windowsXP SP2 with SecureW2... my test
accesspoint d-link dwl900+
and freeradius 1.0.5
i dont know why they dont send the User-Password...
rad_recv: Access-Request packet from host 192.168.13.10:1226, id=16,
length=127
User-Name = "wuser"
NAS-IP-Address = 192.168.13.10
NAS-Port = 0
Called-Station-Id = "00-80-C8-15-26-66"
Calling-Station-Id = "00-0F-B5-E1-90-E6"
NAS-Identifier = "numanu"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0201000a017775736572
Message-Authenticator = 0xf332a25b2eaf0c9e25c989631c721dc5
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "mschap" returns noop for request 3
rlm_realm: No '@' in User-Name = "wuser", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: EAP packet type response id 1 length 10
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
rlm_ldap: Entering ldap_groupcmp()
radius_xlat: 'ou=wireless,dc=my,dc=dom'
radius_xlat: '(&(sAMAccountname=wuser)(objectClass=person))'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=wireless,dc=my,dc=dom, with filter
(&(sAMAccountname=wuser)(objectClass=person))
rlm_ldap: ldap_release_conn: Release Id: 0
radius_xlat:
'(|(&(objectClass=GroupOfNames)(member=CN=wuser,OU=wireless,DC=my,DC=dom))(&(objectClass=GroupOfUniqueNames)(uniquemember=CN=wuser,OU=wireless,DC=my,DC=dom)))'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=wireless,dc=my,dc=dom, with filter
(&(cn=wireless)(|(&(objectClass=GroupOfNames)(member=CN=wuser,OU=wireless,DC=my,DC=dom))(&(objectClass=GroupOfUniqueNames)(uniquemember=CN=wuser,OU=wirel
ss,DC=my,DC=dom))))
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: ldap_release_conn: Release Id: 0
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in CN=wuser,OU=wireless,DC=my,DC=dom, with
filter (objectclass=*)
rlm_ldap: performing search in CN=wireless,OU=Groups,DC=my,DC=dom, with
filter (cn=wireless)
rlm_ldap::ldap_groupcmp: User found in group wireless
rlm_ldap: ldap_release_conn: Release Id: 0
users: Matched entry DEFAULT at line 218
modcall[authorize]: module "files" returns ok for request 3
rlm_ldap: - authorize
rlm_ldap: performing user authorization for wuser
radius_xlat: '(&(sAMAccountname=wuser)(objectClass=person))'
radius_xlat: 'ou=wireless,dc=my,dc=dom'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=wireless,dc=my,dc=dom, with filter
(&(sAMAccountname=wuser)(objectClass=person))
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user wuser authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 3
modcall: group authorize returns updated for request 3
rad_check_password: Found Auth-Type LDAP
auth: type "LDAP"
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 3
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password" is required for authentication.
modcall[authenticate]: module "ldap" returns invalid for request 3
modcall: group Auth-Type returns invalid for request 3
auth: Failed to validate the user.
Login incorrect: [wuser] (from client ap port 0 cli 00-0F-B5-E1-90-E6)
Delaying request 3 for 1 seconds
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 1 sec
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
