Are you really using (crypt) with Netscape Directory server? Because if you
use SHA, you don't need to use Encrypted-password as Radiator understands
the {SHA} signature (once you've installed SHA support in Perl :-). Well,
maybe it is the same with {crypt}, just use PasswortAttr and let Radiator
look for the tag.
/Ingvar
Ericsson Radio Systems AB
Center for Wireless Internet Integration
P.O. Box 1885, Teknikringen 8, S-581 17 Link�ping, Sweden
Phone +46 13 32 22 87
Mobile +46 70 321 3395
Fax +46 70 617 3395
mailto: [EMAIL PROTECTED]
> -----Original Message-----
> From: Lasse L. Johnsen [mailto:[EMAIL PROTECTED]]
> Sent: den 10 juni 1999 15:50
> To: [EMAIL PROTECTED]
> Subject: (RADIATOR) LDAP funktion and Netscape LDAP server
>
>
> Hello,
>
> This email is regarding a possible problem in the Radiator
> Radius server
> when it is working with Netscapes LDAP server.
>
>
> Here is a radius log dump:
> ______________________________________________________________
> ______________
> _________________
>
> Thu Jun 10 08:01:12 1999: DEBUG: Packet dump:
> *** Received from 194.177.224.55 port 3775 ....
> Code: Access-Request
> Identifier: 125
> Authentic: _<164>U7m""<14>X"<165><230>iQ<251><206>
> Attributes:
> Service-Type = Login-User
> User-Name = "jfs"
> User-Password =
> "<155><227><240><198><155>.?<24><164><154><189><1><19><2
> 15><148><148>"
> NAS-IP-Address = 194.177.224.55
> NAS-Port = 0
> Thu Jun 10 08:01:12 1999: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Thu Jun 10 08:01:12 1999: DEBUG: Handling with Radius::AuthLDAP
> Thu Jun 10 08:01:12 1999: DEBUG: Connecting to
> tgserv.tele.gl, port 389
> Thu Jun 10 08:01:12 1999: DEBUG: LDAP got result for
> uid=jfs,o=greennet.gl
> Thu Jun 10 08:01:12 1999: DEBUG: LDAP got userpassword:
>45wDd3av8.pmCk
> Thu Jun 10 08:01:12 1999: DEBUG: Radius::AuthLDAP looks for
> match with jfs
> Thu Jun 10 08:01:12 1999: DEBUG: Radius::AuthLDAP REJECT: Bad
> Encrypted-Password
> Thu Jun 10 08:01:13 1999: DEBUG: No entries for DEFAULT found in LDAP
> database
> Thu Jun 10 08:01:13 1999: INFO: Access rejected for jfs: Bad
> Encrypted-Password
> Thu Jun 10 08:01:13 1999: DEBUG: Packet dump:
> *** Sending to 194.177.224.55 port 3775 ....
> Code: Access-Reject
> Identifier: 125
> Authentic: _<164>U7m""<14>X"<165><230>iQ<251><206>
> Attributes:
> Reply-Message = "Request Denied"
>
> ______________________________________________________________
> ______________
> __________
>
> And here's from the LDAP server:
>
> [10/Jun/1999:09:12:03 -0200] conn=49 fd=25 slot=25 connection from
> 194.177.224.5
> [10/Jun/1999:09:12:03 -0200] conn=49 op=0 BIND dn="cn=Administrator"
> method=
> 128 version=2
> [10/Jun/1999:09:12:03 -0200] conn=49 op=0 RESULT err=0 tag=97
> nentries=0
> [10/Jun/1999:09:12:03 -0200] conn=49 op=1 SRCH
> base="o=greennet.gl" scope=2
> filt
> er="(uid=jfs)"
> [10/Jun/1999:09:12:03 -0200] conn=49 op=1 RESULT err=0
> tag=101 nentries=1
> [10/Jun/1999:09:12:03 -0200] conn=49 op=2 SRCH
> base="o=greennet.gl" scope=2
> filt
> er="(uid=DEFAULT)"
> [10/Jun/1999:09:12:03 -0200] conn=49 op=2 RESULT err=0
> tag=101 nentries=0
>
> ______________________________________________________________
> ______________
> _______________
>
> First of all - Why is the radius server looking for a default
> user in the
> LDAP server?
>
> Second of all - {crypt}45wDd3av8.pmCk is from the LDAP server - the
> {crypt} shoulden't be used in the compairisment - yet I think
> it is.(?)
>
> So is this the reason for the authtification going wrong?
>
> Thank you for taking the time to read my mail.
>
> Best Regards
> Lasse L. Johnsen /System Administrator /TELE Greenland Internet
>
> ===
> Archive at http://www.thesite.com.au/~radiator/
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>
�
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
