Hi list, I really need help. I'm trying to use pppoe-server + FreeRADIUS + OpenLDAP. My problem is FreeRADIUS + LDAP. I followed the manual, step by step, but it doesn't work.
My radius.conf is:
      ldap {
              server = "127.0.0.1"
              basedn = "dc=PPP,dc=cicomsa"
              filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
              # base_filter = "(objectclass=radiusprofile)"

              start_tls = no

              #access_attr = "dialupAccess"
              dictionary_mapping = ${raddbdir}/ldap.attrmap
              ldap_connections_number = 5
              #password_header = "{clear}"
              password_attribute = "userPassword"
              edir_account_policy_check=no
              # groupname_attribute = cn
# groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
              # groupmembership_attribute = radiusGroupName
              timeout = 4
              timelimit = 3
              net_timeout = 1
              # compare_check_items = yes
              # do_xlat = yes
              # access_attr_used_for_allow = yes

               # set_auth_type = yes
      }

authorize {
ldap
}

authenticate {
       Auth-Type LDAP {
               ldap
       }
}

and my ldif schema is:
dn: uid=pepe,ou=People,dc=PPP,dc=cicomsa
structuralObjectClass: account
objectClass: top
objectClass: account
objectClass: posixAccount
cn: pepe
uid: pepe
userPassword: 123
uidNumber: 1001
gidNumber: 1024
homeDirectory: /home/pepe1
loginShell: /bin/bash

When I try to test the RADIUS server I get this problem:

[EMAIL PROTECTED] javier.basisty]# radtest pepe 123 127.0.0.1:0 1 testing123
Sending Access-Request of id 131 to 127.0.0.1 port 1812
       User-Name = "pepe"
       User-Password = "123"
       NAS-IP-Address = 255.255.255.255
       NAS-Port = 1
Re-sending Access-Request of id 131 to 127.0.0.1 port 1812
       User-Name = "pepe"
       User-Password = "123"
       NAS-IP-Address = 255.255.255.255
       NAS-Port = 1
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=131, length=20
[EMAIL PROTECTED] javier.basisty]#

and the log is:
Fri Jan 4 15:11:53 2008 : Info: Using deprecated naslist file. Support for this will go away soon.
Fri Jan 4 15:11:53 2008 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Fri Jan  4 15:11:54 2008 : Info: Ready to process requests.
Fri Jan 4 15:11:59 2008 : Error: rlm_ldap: could not set LDAP_OPT_X_TLS_REQUIRE_CERT option to allow
Fri Jan 4 15:11:59 2008 : Auth: Login incorrect: [pepe/123] (from client localhost port 2)

Is there something missing? Where is my error? Is the LDIF wrong or the config file? Please, if somebody can send me a tutorial I will be glad!

Regards
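
An added example, not part of the original post: a small Python audit of how `userPassword` is stored in an LDIF export, run over the entry shown above plus two constructed entries. The function names and the choice to treat a `{clear}` or `{CLEARTEXT}` prefix as plain text are assumptions of this example.

```python
import base64
import re

# Constructed sample: the entry from the post, plus one hashed and one
# base64-encoded value that are made up for illustration.
SAMPLE_LDIF = """\
dn: uid=pepe,ou=People,dc=PPP,dc=cicomsa
objectClass: posixAccount
uid: pepe
userPassword: 123

dn: uid=hashed,ou=People,dc=PPP,dc=cicomsa
uid: hashed
userPassword: {SSHA}Y29uc3RydWN0ZWQtZXhhbXBsZS1vbmx5

dn: uid=encoded,ou=People,dc=PPP,dc=cicomsa
uid: encoded
userPassword:: e2NsZWFyfXNlY3JldA==
"""

SCHEME_RE = re.compile(r"^\{([A-Za-z0-9-]+)\}")
CLEARTEXT = ("CLEAR", "CLEARTEXT")  # assumption: prefixes that mean "not hashed"

def parse_entries(ldif):
    """Split LDIF text into entries, each a list of (attribute, value) pairs."""
    entries = []
    for block in re.split(r"\n\s*\n", ldif.strip()):
        block = re.sub(r"\n ", "", block)  # unfold continuation lines
        attrs = []
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, rest = line.partition(":")
            if rest.startswith(":"):  # "attr:: <base64>" form
                value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
            else:
                value = rest.strip()
            attrs.append((name.strip().lower(), value))
        entries.append(attrs)
    return entries

def audit_passwords(ldif, attribute="userPassword"):
    """Map each DN to 'cleartext', 'missing', or the name of its hash scheme."""
    report = {}
    for attrs in parse_entries(ldif):
        dn = next((v for n, v in attrs if n == "dn"), "<no dn>")
        values = [v for n, v in attrs if n == attribute.lower()]
        match = SCHEME_RE.match(values[0]) if values else None
        scheme = match.group(1).upper() if match else None
        report[dn] = "missing" if not values else (
            "cleartext" if scheme in (None, *CLEARTEXT) else scheme)
    return report

if __name__ == "__main__":
    for dn, status in audit_passwords(SAMPLE_LDIF).items():
        print(f"{status:10} {dn}")
```
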