Re: Configuring Freeradius with LDAP
Hi, Actually what was helpful is reading the comments in radiusd.conf . Location of ldap config changed starting 2.0.0 . I successfully configured it Thanks. Wassim C. Zaarour Systems Network Engineer On 4/18/12 11:12 PM, Mark Holmes mark.hol...@nuffield.ox.ac.uk wrote: I think http://wiki.freeradius.org/Rlm_ldap Has what you are after. Mark On 18 Apr 2012, at 18:53, Wassim Zaarour wassim.zaar...@navlink.commailto:wassim.zaar...@navlink.com wrote: Hi List, I have installed freeradius 2.1.12, and it's working well. Now I need to configure it to authenticate with LDAP (Sun Directory Server) but I can't seem to find which file to configure in raddb, I can't find it in radiusd.conf I appreciated any help on this. Wassim C. Zaarour Systems Network Engineer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Nuffield College is a Registered Charity No. 1137506. Registered Office: Nuffield College, New Road, Oxford, OX1 1NF - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Configuring Freeradius with LDAP
Hi List, I have installed freeradius 2.1.12, and it's working well. Now I need to configure it to authenticate with LDAP (Sun Directory Server) but I can't seem to find which file to configure in raddb, I can't find it in radiusd.conf I appreciated any help on this. Wassim C. Zaarour Systems Network Engineer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuring Freeradius with LDAP
Am 18.04.2012 19:47, schrieb Wassim Zaarour: Now I need to configure it to authenticate with LDAP (Sun Directory Server) but I can't seem to find which file to configure in raddb, I can't find it in radiusd.conf Did you tried google or just the searchbox on wiki.freeradius.org? http://wiki.freeradius.org/search?q=ldap Tobias Hachmer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuring Freeradius with LDAP
I think http://wiki.freeradius.org/Rlm_ldap Has what you are after. Mark On 18 Apr 2012, at 18:53, Wassim Zaarour wassim.zaar...@navlink.commailto:wassim.zaar...@navlink.com wrote: Hi List, I have installed freeradius 2.1.12, and it's working well. Now I need to configure it to authenticate with LDAP (Sun Directory Server) but I can't seem to find which file to configure in raddb, I can't find it in radiusd.conf I appreciated any help on this. Wassim C. Zaarour Systems Network Engineer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Nuffield College is a Registered Charity No. 1137506. Registered Office: Nuffield College, New Road, Oxford, OX1 1NF - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Configuring Freeradius with Ldap Windows Server 2003
Hi, How configuring freeradius with ldap windows server 2003 ? I do in my freeradius, when I installed it is ./configure --prefix=/usr/local/freeradius --with-modules=rlm-ldap Until I'm configured in radiusd.conf It's Still radiusd.conf[744] Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory radiusd.conf[1956] Unknown module ldap. radiusd.conf[1956] Failed to parse ldap entry. I'm confused now... - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuring Freeradius with Ldap Windows Server 2003
Hari Novferdianto wrote: Hi, How configuring freeradius with ldap windows server 2003 ? I do in my freeradius, when I installed it is ./configure --prefix=/usr/local/freeradius --with-modules=rlm-ldap That isn't enough. You need to have the local LDAP libraries header files on your system. FreeRADIUS does *not* implement the LDAP protocol. Until I'm configured in radiusd.conf It's Still radiusd.conf[744] Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory radiusd.conf[1956] Unknown module ldap. radiusd.conf[1956] Failed to parse ldap entry. The module doesn't exist because it wasn't built. It wasn't built because the things it needs (see above) don't exist. Install the LDAP libraries development header files on your system, and then re-build FreeRADIUS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem configuring freeradius with ldap user database
Hello Ivan The solution previously suggested by Alan worked. Thanks Sambuddho On Sat, 2008-06-14 at 18:15 +0100, Ivan Kalik wrote: rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in check items Are you sure that's crypt? It looks like MD5 to me. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
problem configuring freeradius with ldap user database
Hello All I am experiencing a problem while trying to authenticate the username/password in LDAP through a freeradius server. While a regular telnet/ssh to the edge running a openLdap client / PAM module works fine (It is able to authenticate) but the problem arises when trying to authenticate using the freeradius server . This is what the log message looks like : User-Name = try User-Password = trialanderror NAS-IP-Address = 127.0.0.1 NAS-Port = 2 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module preprocess returns ok for request 0 modcall[authorize]: module chap returns noop for request 0 modcall[authorize]: module mschap returns noop for request 0 rlm_realm: No '@' in User-Name = try, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module eap returns noop for request 0 users: Matched entry DEFAULT at line 152 users: Matched entry DEFAULT at line 155 modcall[authorize]: module files returns ok for request 0 rlm_ldap: - authorize rlm_ldap: performing user authorization for try radius_xlat: '(uid=try)' radius_xlat: 'ou=People,dc=example,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to 30.0.0.2:389, authentication 0 rlm_ldap: bind as / to 30.0.0.2:389 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter (uid=try) rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in check items rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user try authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module ldap returns ok for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type LDAP auth: type LDAP Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 0 rlm_ldap: - authenticate rlm_ldap: login attempt by try with password trialanderror rlm_ldap: user DN: uid=try,ou=People,dc=example,dc=com rlm_ldap: (re)connect to 30.0.0.2:389, authentication 1 rlm_ldap: bind as uid=try,ou=People,dc=example,dc=com/trialanderror to 30.0.0.2:389 rlm_ldap: waiting for bind result ... rlm_ldap: Bind failed with invalid credentials modcall[authenticate]: module ldap returns reject for request 0 modcall: group Auth-Type returns reject for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... Here you can see that the authorization of a user 'try' having password 'trialanderror' works fine but authentication fails. The host running the freeradius server is Fedora Core 5 running linux 2.6.25. Could you please suggest where we are going wrong. I am sending you a copy of the /etc/raddb/users file as well. DEFAULT Auth-Type = System Fall-Through = 1 DEFAULT Auth-Type := LDAP Fall-Through = 0 Any help would be gratefully appreciated. Thanks Sambuddho - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem configuring freeradius with ldap user database
Sambuddho Chakravarty wrote: I am experiencing a problem while trying to authenticate the username/password in LDAP through a freeradius server. While a regular telnet/ssh to the edge running a openLdap client / PAM module works fine (It is able to authenticate) but the problem arises when trying to authenticate using the freeradius server . This is what the log message looks like : User-Name = try User-Password = trialanderror NAS-IP-Address = 127.0.0.1 ... rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter (uid=try) rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in check items If you do NOTHING more than configure ldap in the default configuration, this should work. modcall[authorize]: module ldap returns ok for request 0 modcall: group authorize returns ok for request 0 You're not using 2.0, and you've edited the default configuration. DO use a recent version. DON'T edit the configuration to re-arrange the modules in the authorize section. Here you can see that the authorization of a user 'try' having password 'trialanderror' works fine but authentication fails. The host running the freeradius server is Fedora Core 5 running linux 2.6.25. The OS doesn't matter. The version of FreeRADIUS does. It seems you're using 1.1.x. You should at LEAST upgrade to 1.1.7. Then, un-comment the references to LDAP, and configure the LDAP module. The test WILL work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem configuring freeradius with ldap user database
Hello Alan Thanks a lot! Ill check this out. Sambuddho On Sat, 2008-06-14 at 09:22 +0200, Alan DeKok wrote: Sambuddho Chakravarty wrote: I am experiencing a problem while trying to authenticate the username/password in LDAP through a freeradius server. While a regular telnet/ssh to the edge running a openLdap client / PAM module works fine (It is able to authenticate) but the problem arises when trying to authenticate using the freeradius server . This is what the log message looks like : User-Name = try User-Password = trialanderror NAS-IP-Address = 127.0.0.1 ... rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter (uid=try) rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in check items If you do NOTHING more than configure ldap in the default configuration, this should work. modcall[authorize]: module ldap returns ok for request 0 modcall: group authorize returns ok for request 0 You're not using 2.0, and you've edited the default configuration. DO use a recent version. DON'T edit the configuration to re-arrange the modules in the authorize section. Here you can see that the authorization of a user 'try' having password 'trialanderror' works fine but authentication fails. The host running the freeradius server is Fedora Core 5 running linux 2.6.25. The OS doesn't matter. The version of FreeRADIUS does. It seems you're using 1.1.x. You should at LEAST upgrade to 1.1.7. Then, un-comment the references to LDAP, and configure the LDAP module. The test WILL work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem configuring freeradius with ldap user database
rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in check items Are you sure that's crypt? It looks like MD5 to me. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html