Re: Configuring Freeradius with LDAP
Hi, Actually what was helpful is reading the comments in radiusd.conf . Location of ldap config changed starting 2.0.0 . I successfully configured it Thanks. Wassim C. Zaarour Systems Network Engineer On 4/18/12 11:12 PM, Mark Holmes mark.hol...@nuffield.ox.ac.uk wrote: I think http://wiki.freeradius.org/Rlm_ldap Has what you are after. Mark On 18 Apr 2012, at 18:53, Wassim Zaarour wassim.zaar...@navlink.commailto:wassim.zaar...@navlink.com wrote: Hi List, I have installed freeradius 2.1.12, and it's working well. Now I need to configure it to authenticate with LDAP (Sun Directory Server) but I can't seem to find which file to configure in raddb, I can't find it in radiusd.conf I appreciated any help on this. Wassim C. Zaarour Systems Network Engineer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Nuffield College is a Registered Charity No. 1137506. Registered Office: Nuffield College, New Road, Oxford, OX1 1NF - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Configuring Freeradius with LDAP
Hi List, I have installed freeradius 2.1.12, and it's working well. Now I need to configure it to authenticate with LDAP (Sun Directory Server) but I can't seem to find which file to configure in raddb, I can't find it in radiusd.conf I appreciated any help on this. Wassim C. Zaarour Systems Network Engineer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuring Freeradius with LDAP
Am 18.04.2012 19:47, schrieb Wassim Zaarour: Now I need to configure it to authenticate with LDAP (Sun Directory Server) but I can't seem to find which file to configure in raddb, I can't find it in radiusd.conf Did you tried google or just the searchbox on wiki.freeradius.org? http://wiki.freeradius.org/search?q=ldap Tobias Hachmer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuring Freeradius with LDAP
I think http://wiki.freeradius.org/Rlm_ldap Has what you are after. Mark On 18 Apr 2012, at 18:53, Wassim Zaarour wassim.zaar...@navlink.commailto:wassim.zaar...@navlink.com wrote: Hi List, I have installed freeradius 2.1.12, and it's working well. Now I need to configure it to authenticate with LDAP (Sun Directory Server) but I can't seem to find which file to configure in raddb, I can't find it in radiusd.conf I appreciated any help on this. Wassim C. Zaarour Systems Network Engineer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Nuffield College is a Registered Charity No. 1137506. Registered Office: Nuffield College, New Road, Oxford, OX1 1NF - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Configuring Freeradius with Ldap Windows Server 2003
Hi, How configuring freeradius with ldap windows server 2003 ? I do in my freeradius, when I installed it is ./configure --prefix=/usr/local/freeradius --with-modules=rlm-ldap Until I'm configured in radiusd.conf It's Still radiusd.conf[744] Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory radiusd.conf[1956] Unknown module ldap. radiusd.conf[1956] Failed to parse ldap entry. I'm confused now... - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuring Freeradius with Ldap Windows Server 2003
Hari Novferdianto wrote: Hi, How configuring freeradius with ldap windows server 2003 ? I do in my freeradius, when I installed it is ./configure --prefix=/usr/local/freeradius --with-modules=rlm-ldap That isn't enough. You need to have the local LDAP libraries header files on your system. FreeRADIUS does *not* implement the LDAP protocol. Until I'm configured in radiusd.conf It's Still radiusd.conf[744] Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory radiusd.conf[1956] Unknown module ldap. radiusd.conf[1956] Failed to parse ldap entry. The module doesn't exist because it wasn't built. It wasn't built because the things it needs (see above) don't exist. Install the LDAP libraries development header files on your system, and then re-build FreeRADIUS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem configuring freeradius with ldap user database
Hello Ivan
The solution previously suggested by Alan worked.
Thanks
Sambuddho
On Sat, 2008-06-14 at 18:15 +0100, Ivan Kalik wrote:
rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in
check items
Are you sure that's crypt? It looks like MD5 to me.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
problem configuring freeradius with ldap user database
Hello All
I am experiencing a problem while trying to authenticate the
username/password in LDAP through a freeradius server. While a regular
telnet/ssh to the edge running a openLdap client / PAM module works fine
(It is able to authenticate) but the problem arises when trying to
authenticate using the freeradius server .
This is what the log message looks like :
User-Name = try
User-Password = trialanderror
NAS-IP-Address = 127.0.0.1
NAS-Port = 2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module preprocess returns ok for request 0
modcall[authorize]: module chap returns noop for request 0
modcall[authorize]: module mschap returns noop for request 0
rlm_realm: No '@' in User-Name = try, looking up realm NULL
rlm_realm: No such realm NULL
modcall[authorize]: module suffix returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module eap returns noop for request 0
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 155
modcall[authorize]: module files returns ok for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for try
radius_xlat: '(uid=try)'
radius_xlat: 'ou=People,dc=example,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 30.0.0.2:389, authentication 0
rlm_ldap: bind as / to 30.0.0.2:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter
(uid=try)
rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in
check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user try authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module ldap returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type LDAP
auth: type LDAP
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: login attempt by try with password trialanderror
rlm_ldap: user DN: uid=try,ou=People,dc=example,dc=com
rlm_ldap: (re)connect to 30.0.0.2:389, authentication 1
rlm_ldap: bind as uid=try,ou=People,dc=example,dc=com/trialanderror to
30.0.0.2:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind failed with invalid credentials
modcall[authenticate]: module ldap returns reject for request 0
modcall: group Auth-Type returns reject for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
Here you can see that the authorization of a user 'try' having password
'trialanderror' works fine but authentication fails. The host running
the freeradius server is Fedora Core 5 running linux 2.6.25. Could you
please suggest where we are going wrong. I am sending you a copy of
the /etc/raddb/users file as well.
DEFAULT Auth-Type = System
Fall-Through = 1
DEFAULT Auth-Type := LDAP
Fall-Through = 0
Any help would be gratefully appreciated.
Thanks
Sambuddho
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem configuring freeradius with ldap user database
Sambuddho Chakravarty wrote:
I am experiencing a problem while trying to authenticate the
username/password in LDAP through a freeradius server. While a regular
telnet/ssh to the edge running a openLdap client / PAM module works fine
(It is able to authenticate) but the problem arises when trying to
authenticate using the freeradius server .
This is what the log message looks like :
User-Name = try
User-Password = trialanderror
NAS-IP-Address = 127.0.0.1
...
rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter
(uid=try)
rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in
check items
If you do NOTHING more than configure ldap in the default
configuration, this should work.
modcall[authorize]: module ldap returns ok for request 0
modcall: group authorize returns ok for request 0
You're not using 2.0, and you've edited the default configuration. DO
use a recent version. DON'T edit the configuration to re-arrange the
modules in the authorize section.
Here you can see that the authorization of a user 'try' having password
'trialanderror' works fine but authentication fails. The host running
the freeradius server is Fedora Core 5 running linux 2.6.25.
The OS doesn't matter. The version of FreeRADIUS does.
It seems you're using 1.1.x. You should at LEAST upgrade to 1.1.7.
Then, un-comment the references to LDAP, and configure the LDAP module.
The test WILL work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem configuring freeradius with ldap user database
Hello Alan
Thanks a lot! Ill check this out.
Sambuddho
On Sat, 2008-06-14 at 09:22 +0200, Alan DeKok wrote:
Sambuddho Chakravarty wrote:
I am experiencing a problem while trying to authenticate the
username/password in LDAP through a freeradius server. While a regular
telnet/ssh to the edge running a openLdap client / PAM module works fine
(It is able to authenticate) but the problem arises when trying to
authenticate using the freeradius server .
This is what the log message looks like :
User-Name = try
User-Password = trialanderror
NAS-IP-Address = 127.0.0.1
...
rlm_ldap: performing search in ou=People,dc=example,dc=com, with filter
(uid=try)
rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in
check items
If you do NOTHING more than configure ldap in the default
configuration, this should work.
modcall[authorize]: module ldap returns ok for request 0
modcall: group authorize returns ok for request 0
You're not using 2.0, and you've edited the default configuration. DO
use a recent version. DON'T edit the configuration to re-arrange the
modules in the authorize section.
Here you can see that the authorization of a user 'try' having password
'trialanderror' works fine but authentication fails. The host running
the freeradius server is Fedora Core 5 running linux 2.6.25.
The OS doesn't matter. The version of FreeRADIUS does.
It seems you're using 1.1.x. You should at LEAST upgrade to 1.1.7.
Then, un-comment the references to LDAP, and configure the LDAP module.
The test WILL work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem configuring freeradius with ldap user database
rlm_ldap: Added password {crypt}$1$2Pl0Lm5O$ot8mrXYBaAg12RoBogNDK. in
check items
Are you sure that's crypt? It looks like MD5 to me.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
