Yes, but the user being check is "[email protected]" Since it's AD I only want to check membership for "radtest".
The change I made to the source seems to fix the problem. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa 319 384-0938 [email protected] > -----Original Message----- > From: Sami Keski-Kasari [mailto:[email protected]] > Sent: Wednesday, November 17, 2010 11:21 AM > To: Johnson, Neil M; Johnson, Neil M; [email protected] > Subject: Re: [RADIATOR] Add UsernameMatchesWithoutRealm to Auth by LSA > > Hi Neil, > > As you can see, it is actually working, but it says: > User is not a member of any Group: radtest [[email protected]] > > So I think that problem is with your group checking. > > -- > Sami > > > > "Johnson, Neil M" <[email protected]> wrote: > > >Hmmm, it appears to be in the source code, but doesn't seem to work. > >Something to do with group checking ? > > > >-Neil > > > > > >Wed Nov 17 10:55:20 2010: DEBUG: Handling request with Handler > >'TunnelledByPEAP=1', Identifier '' > >Wed Nov 17 10:55:20 2010: DEBUG: Deleting session for > >[email protected], 128.255.11.74, 18433 > >Wed Nov 17 10:55:20 2010: DEBUG: Handling with Radius::AuthLSA: > >Wed Nov 17 10:55:20 2010: DEBUG: Handling with EAP: code 2, 10, 72, 26 > >Wed Nov 17 10:55:20 2010: DEBUG: Response type 26 > >Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthLSA looks for match with > >radtest [[email protected]] > >Wed Nov 17 10:55:20 2010: DEBUG: Checking LSA Group membership for > >\\IOWADC1, ITS-WIRELESS-IOWA, [email protected] > >Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthLSA REJECT: AuthBy LSA > >User is not a member of any Group: radtest [[email protected]] > >Wed Nov 17 10:55:20 2010: DEBUG: EAP result: 1, EAP MSCHAP V2 failed: > >no such user radtest > >Wed Nov 17 10:55:20 2010: DEBUG: AuthBy LSA result: REJECT, EAP MSCHAP > >V2 failed: no such user radtest > >Wed Nov 17 10:55:20 2010: DEBUG: Handling with Radius::AuthLSA: > >Wed Nov 17 10:55:20 2010: DEBUG: Handling with EAP: code 2, 10, 72, 26 > >Wed Nov 17 10:55:20 2010: DEBUG: Response type 26 > >Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthLSA looks for match with > >radtest [[email protected]] > >Wed Nov 17 10:55:20 2010: DEBUG: Checking LSA Group membership for > >\\IOWADC1, ITS-WIRELESS-QUARANTINE, [email protected] > >Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthLSA REJECT: AuthBy LSA > >User is not a member of any Group: radtest [[email protected]] > >Wed Nov 17 10:55:20 2010: DEBUG: EAP result: 1, EAP MSCHAP V2 failed: > >no such user radtest > >Wed Nov 17 10:55:20 2010: DEBUG: AuthBy LSA result: REJECT, EAP MSCHAP > >V2 failed: no such user radtest > >Wed Nov 17 10:55:20 2010: DEBUG: Handling with Radius::AuthFILE: > >Wed Nov 17 10:55:20 2010: DEBUG: Handling with EAP: code 2, 10, 72, 26 > >Wed Nov 17 10:55:20 2010: DEBUG: Response type 26 > >Wed Nov 17 10:55:20 2010: DEBUG: Reading users file c:\Program > >Files\Radiator/eduroam_test_users > >Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthFILE looks for match with > >[email protected] [[email protected]] > >Wed Nov 17 10:55:21 2010: DEBUG: Radius::AuthFILE REJECT: No such > user: > >[email protected] [[email protected]] > >Wed Nov 17 10:55:21 2010: DEBUG: EAP result: 1, EAP MSCHAP V2 failed: > >no such user [email protected] > >Wed Nov 17 10:55:21 2010: DEBUG: AuthBy FILE result: REJECT, EAP > MSCHAP > >V2 failed: no such user [email protected] > >Wed Nov 17 10:55:21 2010: INFO: Access rejected for [email protected]: > >EAP MSCHAP V2 failed: no such user [email protected] > >Wed Nov 17 10:55:21 2010: DEBUG: PostProcessing Hook: called. > >Wed Nov 17 10:55:21 2010: DEBUG: Returned PEAP tunnelled packet dump: > >Code: Access-Reject > > > >-- > >Neil Johnson > >Network Engineer > >Information Technology Services > >The University of Iowa > >319 384-0938 > >[email protected] > > > > > >> -----Original Message----- > >> From: [email protected] [mailto:radiator- > >> [email protected]] On Behalf Of Johnson, Neil M > >> Sent: Wednesday, November 17, 2010 10:39 AM > >> To: [email protected] > >> Subject: [RADIATOR] Add UsernameMatchesWithoutRealm to Auth by LSA > >> > >> > >> Would it be possible to add the "UsernameMatchesWithoutRealm" to the > >> "AuthBy LSA" method ? > >> > >> -Neil > >> > >> > >> -- > >> Neil Johnson > >> Network Engineer > >> Information Technology Services > >> The University of Iowa > >> 319 384-0938 > >> [email protected] > >> > >> > >> _______________________________________________ > >> radiator mailing list > >> [email protected] > >> http://www.open.com.au/mailman/listinfo/radiator > >_______________________________________________ > >radiator mailing list > >[email protected] > >http://www.open.com.au/mailman/listinfo/radiator > > -- > Sami _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
