Frederic:
I checked the setting and it is already set to yes. That was a little
disappointing, I was hoping it would be the solution to my problem.
Thank you for your assistance.
Louis,
I ran the command as you suggested. It is currently indicating an error
reading the radiusd.conf.
Additionally, I also checked the web admin and realised that most of my
services have stopped working and I can't get them back up. The only ones
that are up are httpd.admin and memcached.
[root@pf-zen-esx ~]# radiusd -d /usr/local/pf/raddb -X
radiusd: FreeRADIUS Version 2.2.5, for host x86_64-redhat-linux-gnu, built
on Apr 29 2014 at 09:18:14
Copyright (C) 1999-2013 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License.
For more information about these matters, see the file named COPYRIGHT.
Starting - reading configuration files ...
including configuration file /usr/local/pf/raddb/radiusd.conf
including configuration file /usr/local/pf/raddb/proxy.conf
including configuration file /usr/local/pf/raddb/clients.conf
including files in directory /usr/local/pf/raddb/modules/
including configuration file /usr/local/pf/raddb/modules/pap
including configuration file /usr/local/pf/raddb/modules/pam
including configuration file /usr/local/pf/raddb/modules/smsotp
including configuration file /usr/local/pf/raddb/modules/sradutmp
including configuration file /usr/local/pf/raddb/modules/redis
including configuration file /usr/local/pf/raddb/modules/linelog
including configuration file /usr/local/pf/raddb/modules/sql_log
including configuration file /usr/local/pf/raddb/modules/ippool
including configuration file /usr/local/pf/raddb/modules/mac2vlan
including configuration file /usr/local/pf/raddb/modules/replicate
including configuration file /usr/local/pf/raddb/modules/logintime
including configuration file /usr/local/pf/raddb/modules/mschap
/usr/local/pf/raddb/modules/mschap[15]: Parse error: Unterminated string
Errors reading or parsing /usr/local/pf/raddb/radiusd.conf
On Thu, Jun 5, 2014 at 9:21 AM, Louis Munro <[email protected]> wrote:
>
>
> On 2014-06-05, at 6:53 , Carla Nurse <[email protected]> wrote:
>
> OKay, so I think I know why the tests weren't working. The radiusd service
> isn't running.
>
> [root@pf-zen-esx ~]# service radiusd status
> radiusd is stopped
> [root@pf-zen-esx ~]# service radiusd start
> Starting radiusd: [FAILED]
>
> When I run the radiusd -X command, the end indicates that it is
> "Refusing to start with libssl version OpenSSL 1.0.1e-fips 11 Feb 2013 (in
> range 1.0.1 - 1.0.1f). Security advisory CVE-2014-0160 (Heartbleed)". I
> tried to update it using the yum install openssl 1.0.1g but that failed.
> Indicating that the package was not available.
>
>
> Refusing to start with libssl version OpenSSL 1.0.1e-fips 11 Feb 2013 (in
> range 1.0.1 - 1.0.1f). Security advisory CVE-2014-0160 (Heartbleed)
> For more information see http://heartbleed.com
>
>
> Hi Carla,
> The service is not supposed to be running.
>
> FreeRADIUS is managed by PacketFence, not initd.
>
> This is unsurprising and will probably happen even if you update libssl.
> The issue is that you are not running radiusd with the correct arguments.
>
> You should be doing it this way:
>
> # radiusd -d /usr/local/pf/raddb -X
>
>
> But don't expect that to fix your ntlm_auth problem.
> FreeRADIUS depends on ntlm_auth, not the other way around.
> You still have to get ntlm_auth working before FreeRADIUS will do Active
> Directory authentication.
>
> Have you considered the possibility that the issue is on the AD server?
> Also, make sure you have DNS working correctly.
> tcpdump ca be your friend to see what is going on between your server and
> AD.
>
> Regards,
> --
> Louis Munro
> [email protected] :: www.inverse.ca
> +1.514.447.4918 *125 :: +1 (866) 353-6153
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
> www.packetfence.org)
>
>
> ------------------------------------------------------------------------------
> Learn Graph Databases - Download FREE O'Reilly Book
> "Graph Databases" is the definitive new guide to graph databases and their
> applications. Written by three acclaimed leaders in the field,
> this first edition is now available. Download your free book today!
> http://p.sf.net/sfu/NeoTech
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
