Re: [PacketFence-users] Migrating radius ldap (non AD) auth from 4.6 to 6.4

Tue, 17 Jan 2017 13:31:09 -0800 


Le 17/01/2017 à 21:48, Fabrice Durand a écrit :
> Hello Denis,
Hello Fabrice,
>
> where did you defined your ldap in Freeradius (packetfence /
> packetfence-tunnel) and in which section ?
conf/radiusd/packetfence-tunnel, in authorize section :


         #
         #  The ldap module reads passwords from the LDAP database.
         -ldap
         #

raddb/mods-enabled/ldap : my encrypted ntpassword is stored in 
'sambaNTPassword' attribute

ldap {
        server = '172.16.x.x'
         identity = "cn=xxxxxx,dc=diderot,dc=org"
         password = xxxxxxx
         base_dn = "dc=diderot,dc=org"
...
         update {
                 control:Password-With-Header    += 'userPassword'
                 control:NT-Password             := 'sambaNTPassword'
....
         user {
                 base_dn = "${..base_dn}"
                 filter = "(uid=%{%{mschap:User-Name}:-%{User-Name}})"
....


> Also do you have the whole radius debug ?


Tue Jan 17 22:22:13 2017 : Warning: WARNING: Ignoring "response_window = 
20.000000", forcing to "response_window = 10.000000"
Tue Jan 17 22:22:13 2017 : Info: Debugger not attached
Tue Jan 17 22:22:13 2017 : Info: rlm_redis: libhiredis version: 0.11.0
Tue Jan 17 22:22:13 2017 : Info: rlm_sql (sql): Driver rlm_sql_mysql 
(module rlm_sql_mysql) loaded and linked
Tue Jan 17 22:22:13 2017 : Info: rlm_sql (pfguest): Driver rlm_sql_mysql 
(module rlm_sql_mysql) loaded and linked
Tue Jan 17 22:22:13 2017 : Info: rlm_sql (pfsponsor): Driver 
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Tue Jan 17 22:22:13 2017 : Info: rlm_sql (pfsms): Driver rlm_sql_mysql 
(module rlm_sql_mysql) loaded and linked
Tue Jan 17 22:22:13 2017 : Info: rlm_sql (pflocal): Driver rlm_sql_mysql 
(module rlm_sql_mysql) loaded and linked
Tue Jan 17 22:22:13 2017 : Info: rlm_sql (sql_reject): Driver 
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Tue Jan 17 22:22:13 2017 : Info: rlm_redis (redis): Opening additional 
connection (0), 1 of 64 pending slots used
Tue Jan 17 22:22:13 2017 : Info: rlm_redis (redis): Opening additional 
connection (1), 1 of 63 pending slots used
Tue Jan 17 22:22:13 2017 : Info: rlm_redis (redis): Opening additional 
connection (2), 1 of 62 pending slots used
Tue Jan 17 22:22:13 2017 : Info: rlm_redis (redis): Opening additional 
connection (3), 1 of 61 pending slots used
Tue Jan 17 22:22:13 2017 : Info: rlm_redis (redis): Opening additional 
connection (4), 1 of 60 pending slots used
Tue Jan 17 22:22:13 2017 : Info: rlm_rest: libcurl version: 
libcurl/7.38.0 OpenSSL/1.0.1t zlib/1.2.8 libidn/1.29 libssh2/1.4.3 
librtmp/2.3
Tue Jan 17 22:22:13 2017 : Info: rlm_rest (rest): Opening additional 
connection (0), 1 of 64 pending slots used
Tue Jan 17 22:22:13 2017 : Info: rlm_rest (rest): Opening additional 
connection (1), 1 of 63 pending slots used
Tue Jan 17 22:22:13 2017 : Info: rlm_rest (rest): Opening additional 
connection (2), 1 of 62 pending slots used
Tue Jan 17 22:22:13 2017 : Info: rlm_rest (rest): Opening additional 
connection (3), 1 of 61 pending slots used
Tue Jan 17 22:22:13 2017 : Info: rlm_rest (rest): Opening additional 
connection (4), 1 of 60 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_sql_mysql: libmysql version: 5.5.53
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (sql): Attempting to connect to 
database "pf"
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (sql): Opening additional 
connection (0), 1 of 64 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (sql): Opening additional 
connection (1), 1 of 63 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (sql): Opening additional 
connection (2), 1 of 62 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (sql): Opening additional 
connection (3), 1 of 61 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (sql): Opening additional 
connection (4), 1 of 60 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (sql): Need 5 more connections 
to reach 10 spares
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (sql): Opening additional 
connection (5), 1 of 59 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (pfguest): Attempting to 
connect to database "pf"
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (pfsponsor): Attempting to 
connect to database "pf"
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (pfsms): Attempting to connect 
to database "pf"
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (pflocal): Attempting to 
connect to database "pf"
Tue Jan 17 22:22:14 2017 : Warning: rlm_sql (sql_reject): 
groupmemb_query is empty.  Please delete it from the configuration
Tue Jan 17 22:22:14 2017 : Warning: rlm_sql (sql_reject): 
authorize_check_query is empty.  Please delete it from the configuration
Tue Jan 17 22:22:14 2017 : Info: rlm_sql (sql_reject): Attempting to 
connect to database "pf"
Tue Jan 17 22:22:14 2017 : Info: rlm_ldap: libldap vendor: OpenLDAP, 
version: 20440
Tue Jan 17 22:22:14 2017 : Info: rlm_ldap (ldap): Opening additional 
connection (0), 1 of 64 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_ldap (ldap): Opening additional 
connection (1), 1 of 63 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_ldap (ldap): Opening additional 
connection (2), 1 of 62 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_ldap (ldap): Opening additional 
connection (3), 1 of 61 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_ldap (ldap): Opening additional 
connection (4), 1 of 60 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_rest (rest-cli): Opening additional 
connection (0), 1 of 64 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_rest (rest-cli): Opening additional 
connection (1), 1 of 63 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_rest (rest-cli): Opening additional 
connection (2), 1 of 62 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_rest (rest-cli): Opening additional 
connection (3), 1 of 61 pending slots used
Tue Jan 17 22:22:14 2017 : Info: rlm_rest (rest-cli): Opening additional 
connection (4), 1 of 60 pending slots used
Tue Jan 17 22:22:14 2017 : Warning: 
[raddb//mods-config/attr_filter/access_reject]:11 Check item 
"FreeRADIUS-Response-Delay"    found in filter list for realm "DEFAULT".
Tue Jan 17 22:22:14 2017 : Warning: 
[raddb//mods-config/attr_filter/access_reject]:11 Check item 
"FreeRADIUS-Response-Delay-USec"       found in filter list for realm 
"DEFAULT".
Tue Jan 17 22:22:14 2017 : Info: Loaded virtual server <default>
Tue Jan 17 22:22:14 2017 : Info: Loaded virtual server packetfence-cli
Tue Jan 17 22:22:14 2017 : Info: Loaded virtual server dynamic_clients
Tue Jan 17 22:22:14 2017 : Info: Loaded virtual server packetfence-tunnel
Tue Jan 17 22:22:14 2017 : Info: Loaded virtual server packetfence
Tue Jan 17 22:22:14 2017 : Info: Ready to process requests
Tue Jan 17 22:22:33 2017 : ERROR: (0) rest: ERROR: Server returned:
Tue Jan 17 22:22:33 2017 : ERROR: (0) rest: ERROR: 
{"Reply-Message":"Switch is not managed by 
PacketFence","reply:PacketFence-Authorization-Status":"allow"}
Tue Jan 17 22:22:33 2017 : Info: rlm_rest (rest): Need 5 more 
connections to reach 10 spares
Tue Jan 17 22:22:33 2017 : Info: rlm_rest (rest): Opening additional 
connection (5), 1 of 59 pending slots used
Tue Jan 17 22:22:33 2017 : Info: rlm_sql (sql): Need 4 more connections 
to reach 10 spares
Tue Jan 17 22:22:33 2017 : Info: rlm_sql (sql): Opening additional 
connection (6), 1 of 58 pending slots used
Tue Jan 17 22:22:33 2017 : [mac:] Accepted user:  and returned VLAN
Tue Jan 17 22:22:33 2017 : Auth: (0) Rejected in post-auth: 
[denis.bonnenfant] (from client localhost port 12)


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to