I know I am only currently evaluating the product but please assist.
I have installed the NET::LDAPapi Module 1.42 running under Perl
5.005_03 and Solaris 8.
I installed the NET::LDAPapi Module with Netscape's LDAP SDK 3.0 (as 4.1
did not work).
I am at the point after the make test, i.e. the final test (point 12,
http://www.open.com.au/radiator/install.html).
This test against the file authentication works fine every time, but
against my Netscape Directory Server 4.12 I get the following (there are
2 configurations and 2 results listed):
CONFIGURATION 1
# myldap.cfg
#
# You should consider this file to be a starting point only
# $Id: ldap.cfg,v 1.2 2000/02/15 07:07:54 mikem Exp $
Foreground
LogStdout
LogDir .
DbDir .
Trace 4
# You will probably want to change this to suit your site.
<Client DEFAULT>
Secret mysecret
DupInterval 0
</Client>
<Realm DEFAULT>
<AuthBy LDAP>
# Tell Radiator how to talk to the LDAP server
Host dir01.dingoblue.com.au
# You will only need these if your LDAP server
# requires authentication:
#AuthDN cn=Directory Manager
#AuthPassword xxxxxxxx - Replaced
# This is the top of the search tree where users
# will be found. It should match the configuration
# of your server
BaseDN o=ISP
# This is the attribute to match the radius user name
UsernameAttr uid
# If you don't specify ServerChecksPassword, you
# need to tell Radiator which attribute contains
# the password. It can be plaintext or encrypted
#EncryptedPasswordAttr userPassword
PasswordAttr userpassword
# You can use CheckAttr, ReplyAttr and AuthAttrDef
# to specify check and reply attributes in the LDAP
# database. See the reference manual for more
# information
# These are the classic things to add to each user's
# reply to allow a PPP dialup session. It may be
# different for your NAS. This will add some
# reply items to everyone's reply
AddToReply Framed-Protocol = PPP,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Framed-Compression = Van-Jacobson-TCP-IP
# You can enable debugging of the Net::LDAP
# module with this:
#Debug 255
</AuthBy>
# Log accounting to the detail file in LogDir
AcctLogFileName ./detail
</Realm>
RESULT
# perl radiusd -config_file goodies/myldap.cfg
This Radiator license will expire on 2001-03-01
This Radiator license will stop operating after 1000 requests
To purchase an unlimited full source version of Radiator, see
http://www.open.com.au/radiator/ordering.html
Mon Feb 5 13:31:07 2001: INFO: Server started: Radiator 2.17.1 on
auth01 (DEMO)
Mon Feb 5 13:31:22 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 33632 ....
Code: Access-Request
Identifier: 67
Authentic: 1234567890123456
Attributes:
User-Name = "fred"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
User-Password =
"<159><249>:<201><175>\<4><246><188>8<9><160><216>}x<153>"
Mon Feb 5 13:31:22 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Mon Feb 5 13:31:22 2001: DEBUG: Deleting session for fred,
203.63.154.1, 1234
Mon Feb 5 13:31:22 2001: DEBUG: Handling with Radius::AuthLDAP
Mon Feb 5 13:31:22 2001: DEBUG: Connecting to dir01.dingoblue.com.au,
port 389
Mon Feb 5 13:31:22 2001: DEBUG: LDAP got result for uid=fred,o=ISP
Mon Feb 5 13:31:22 2001: DEBUG: LDAP got userpassword:
{SHA}MQF6ciZl5K/OWGlQ9ClEptMx2r8=
Mon Feb 5 13:31:22 2001: DEBUG: Radius::AuthLDAP looks for match with
fred
#
CONFIGURATION 2
# myldap.cfg
#
# You should consider this file to be a starting point only
# $Id: ldap.cfg,v 1.2 2000/02/15 07:07:54 mikem Exp $
Foreground
LogStdout
LogDir .
DbDir .
Trace 4
# You will probably want to change this to suit your site.
<Client DEFAULT>
Secret mysecret
DupInterval 0
</Client>
<Realm DEFAULT>
<AuthBy LDAP>
# Tell Radiator how to talk to the LDAP server
Host dir01.dingoblue.com.au
# You will only need these if your LDAP server
# requires authentication:
AuthDN cn=Directory Manager
AuthPassword xxxxxxxx - Replaced
# This is the top of the search tree where users
# will be found. It should match the configuration
# of your server
BaseDN o=ISP
# This is the attribute to match the radius user name
UsernameAttr uid
# If you don't specify ServerChecksPassword, you
# need to tell Radiator which attribute contains
# the password. It can be plaintext or encrypted
#EncryptedPasswordAttr userPassword
PasswordAttr userpassword
# You can use CheckAttr, ReplyAttr and AuthAttrDef
# to specify check and reply attributes in the LDAP
# database. See the reference manual for more
# information
# These are the classic things to add to each user's
# reply to allow a PPP dialup session. It may be
# different for your NAS. This will add some
# reply items to everyone's reply
AddToReply Framed-Protocol = PPP,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Framed-Compression = Van-Jacobson-TCP-IP
# You can enable debugging of the Net::LDAP
# module with this:
#Debug 255
</AuthBy>
# Log accounting to the detail file in LogDir
AcctLogFileName ./detail
</Realm>
RESULT
# perl radiusd -config_file goodies/myldap.cfg
This Radiator license will expire on 2001-03-01
This Radiator license will stop operating after 1000 requests
To purchase an unlimited full source version of Radiator, see
http://www.open.com.au/radiator/ordering.html
Mon Feb 5 13:57:58 2001: INFO: Server started: Radiator 2.17.1 on
auth01 (DEMO)
Mon Feb 5 13:58:02 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 33642 ....
Code: Access-Request
Identifier: 137
Authentic: 1234567890123456
Attributes:
User-Name = "fred"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
User-Password =
"<159><249>:<201><175>\<4><246><188>8<9><160><216>}x<153>"
Mon Feb 5 13:58:02 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Mon Feb 5 13:58:02 2001: DEBUG: Deleting session for fred,
203.63.154.1, 1234
Mon Feb 5 13:58:02 2001: DEBUG: Handling with Radius::AuthLDAP
Mon Feb 5 13:58:02 2001: DEBUG: Connecting to dir01.dingoblue.com.au,
port 389
Mon Feb 5 13:58:02 2001: DEBUG: LDAP got result for uid=fred,o=ISP
Mon Feb 5 13:58:02 2001: ERR: There was no password attribute found for
fred. Check your LDAP database.
Mon Feb 5 13:58:02 2001: DEBUG: Radius::AuthLDAP looks for match with
fred
Mon Feb 5 13:58:02 2001: DEBUG: Radius::AuthLDAP REJECT: Bad Encrypted
password
Mon Feb 5 13:58:02 2001: DEBUG: No entries for DEFAULT found in LDAP
database
Mon Feb 5 13:58:02 2001: INFO: Access rejected for fred: Bad Encrypted
password
Mon Feb 5 13:58:02 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 33642 ....
Code: Access-Reject
Identifier: 137
Authentic: 1234567890123456
Attributes:
Reply-Message = "Request Denied"
Mon Feb 5 13:58:02 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 33642 ....
Code: Accounting-Request
Identifier: 138
Authentic: <191>+MqC<6>%<1><148><137><246>}<204><197><253><170>
Attributes:
User-Name = "fred"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Start
Mon Feb 5 13:58:02 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Mon Feb 5 13:58:02 2001: DEBUG: Adding session for fred, 203.63.154.1,
1234
Mon Feb 5 13:58:02 2001: DEBUG: Handling with Radius::AuthLDAP
Mon Feb 5 13:58:02 2001: DEBUG: Accounting accepted
Mon Feb 5 13:58:02 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 33642 ....
Code: Accounting-Response
Identifier: 138
Authentic: <191>+MqC<6>%<1><148><137><246>}<204><197><253><170>
Attributes:
Mon Feb 5 13:58:02 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 33642 ....
Code: Accounting-Request
Identifier: 139
Authentic: z[<173>[<140><184><250>v+]<145>~<245>89b
Attributes:
User-Name = "fred"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Time = 1000
Acct-Input-Octets = 20000
Acct-Output-Octets = 30000
Mon Feb 5 13:58:02 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Mon Feb 5 13:58:02 2001: DEBUG: Deleting session for fred,
203.63.154.1, 1234
Mon Feb 5 13:58:02 2001: DEBUG: Handling with Radius::AuthLDAP
Mon Feb 5 13:58:02 2001: DEBUG: Accounting accepted
Mon Feb 5 13:58:02 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 33642 ....
Code: Accounting-Response
Identifier: 139
Authentic: z[<173>[<140><184><250>v+]<145>~<245>89b
Attributes:
In the first result the Radiator server quit and the test stated 'No
Response'.
Also, why is the second result doing a lookup against DEFAULT?
Any ideas?
Stuart Clifton
Dingo Blue
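
The log for the first result shows the directory returning a scheme-prefixed {SHA} value for userpassword. As an added example (not part of the original post and not Radiator code), this Python code shows how RFC 2307-style {SHA} and {SSHA} values are structured and checked against a cleartext password; the function names and sample passwords are constructed for illustration.

```python
import base64
import hashlib
import hmac

SHA1_LEN = 20  # bytes in a SHA-1 digest


def make_sha(password):
    """Constructed sample value: '{SHA}' + base64(SHA-1(password)), unsalted."""
    digest = hashlib.sha1(password.encode()).digest()
    return "{SHA}" + base64.b64encode(digest).decode()


def make_ssha(password, salt):
    """Constructed sample value: '{SSHA}' + base64(SHA-1(password+salt) + salt)."""
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()


def split_scheme(stored):
    """Return (SCHEME, payload); SCHEME is None when there is no {...} prefix."""
    if stored.startswith("{") and "}" in stored:
        scheme, payload = stored[1:].split("}", 1)
        return scheme.upper(), payload
    return None, stored


def check_password(candidate, stored):
    """Check a cleartext candidate against a stored userPassword value."""
    scheme, payload = split_scheme(stored)
    if scheme is None:  # unprefixed value: treat as cleartext
        return hmac.compare_digest(candidate.encode(), payload.encode())
    try:
        raw = base64.b64decode(payload, validate=True)
    except ValueError:  # binascii.Error is a ValueError
        return False
    if scheme == "SHA" and len(raw) == SHA1_LEN:
        expected, salt = raw, b""
    elif scheme == "SSHA" and len(raw) > SHA1_LEN:
        expected, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    else:
        return False  # unknown scheme or malformed digest: reject
    actual = hashlib.sha1(candidate.encode() + salt).digest()
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    stored = make_sha("constructed-pw")  # constructed sample, not from the post
    print(stored == "constructed-pw")                # literal compare: False
    print(check_password("constructed-pw", stored))  # scheme-aware check: True
```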