Since it's not marked as stable, it's not built by default. Try
rebuilding it, but this time using
./configure --with-experimental-modules | tee configure.log
... then look at configure.log, see what it says about rlm_opendirectory.
Thanks. I now have the opendirectory module working.
It doesn't hurt to try adding it again :)
I'm pretty sure it needs to be in both:
http://lists.cistron.nl/pipermail/freeradius-users/2011-July/msg00447.html
Yes, that worked. I am now able to authenticate local users with radtest.
Thanks
-
List info/subscribe/unsubscribe? See
And then list it in the authorize section.
What is the proper syntax for adding the opendirectory module? I am
getting errors when attempting to start radius:
/usr/local/etc/raddb/sites-enabled/inner-tunnel[195]: Entry is not a
reference to a module
Read again.
list it in the authorize section
not the authenticate section
My mistake. I thought the word And meant do both, based on my question.
Removed from authenticate and listed opendirectory under authorize
of inner tunnel.
I now get the following error:
OK... you made a change to the file which created that error. Is it a
secret? Or did you think we could guess what you did wrong?
Johan informed me I misunderstood your original instructions and I was
not to put anything under Authenticate of the inner-tunnel. I removed
what I
Just installed v 2.1.11 on a mac (OSX 6.3) . Freeradius is working with
clear text passwords and radtest. According to the wiki, I should be
able to authenticate local users accounts without changing anything on
the config. That's the way I understood it anyway. However, I am
getting
On Mac OS X Server, configure the opendirectory module.
Do you mean just enable the module? The module itself says:
# This module is only used when the server is running on the same
# system as OpenDirectory. The configuration of the module is hard-coded
# by Apple, and cannot
I have a tendency to over complicate things with freeradius, so I will
just post my error on my first start up:
I understand the dummy certs are created when launching radiusd -X, but
not sure how to fix the missing dh file without creating new ones. Is
the unknown module eap error because
It seems freeradius 1.3 was already installed automatically when the
server was first setup. and I just installed version 2.1.1 from source.
Do you know off hand how to uninstall the old version?
Not finding how to do that.
On 03/04/2011 09:33 AM, Alan DeKok wrote:
Raymond Norton wrote
Thanks. I understood that. It seems there was an old version of
freeradius installed on the server by default. I'm no mac head, and am
trying to figure out how to remove it.
On 03/04/2011 10:10 AM, Alan Buxey wrote:
Hi,
tls: dh_file = /private/etc/raddb/certs/dh
tls: random_file =
Thanks for the pointers. Freeradius is working fine now against OD.
How would I disable the old radius start up script and enable the new
one instead?
On 03/04/2011 10:35 AM, Alan DeKok wrote:
Raymond Norton wrote:
Thanks. I understood that. It seems there was an old version
I am trying to install freeradius-2.1.0 on a mac server (10.5.8). Make
runs fine, until it gets to the errors below. I am not a mac guy, so not
sure where to look for the cause of the error.
Making all in rlm_perl...
/usr/bin/make -C rlm_perl all
Is there a good howto on setting up freeradius to work with Open
Directory?
(Freeradius will be on stand alone box)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
That is the one post I did find, but thought it was based on the users
setup.
Thanks
On 02/28/2011 02:50 PM, Alan Buxey wrote:
Hi,
Is there a good howto on setting up freeradius to work with Open
Directory?
(Freeradius will be on stand alone box)
..needs to be on same box as Open
I configured both default and inner-tunnel during the tutorial. I will
check into testing MS-CHAP. Just want to verify if this is how it should
look in the enabled sites:
Auth-Type NTLM_AUTH {
ntlm_auth
}
On 02/18/2011 12:45 AM, Alan DeKok wrote:
Raymond Norton
Just curious if the hyphen is supposed to be in front of the domain
name on this line:
ntlm_auth = */path/to/ntlm_auth* --request-nt-key
--username=%{mschap:User-Name:-None}
--domain=%{%{mschap:NT-Domain}:-*MYDOMAIN*}
--challenge=%{mschap:Challenge:-00}
the path and domain items.
On 02/18/2011 10:01 AM, Alan DeKok wrote:
Raymond Norton wrote:
Just curious if the hyphen is supposed to be in front of the domain
name on this line:
Yes. man unlang. Look for :-
ntlm_auth = */path/to/ntlm_auth* --request-nt-key
--username=%{mschap:User-Name
I am using Fire Fox. Don't know what to say. All other pages worked
yesterday. The page came up fine today.
Good to go
On 02/17/2011 03:04 AM, Alan DeKok wrote:
Raymond Norton wrote:
I get an empty page for this link:
http://deployingradius.com/documents/configuration
I followed the tutorial
(http://deployingradius.com/documents/configuration/active_directory.html)
and seemed to have mschap working. I had configured freeradius to use
eap prior to setting up to work with AD, so not sure if anything I
already configured is conflicting.
Wanting to verify
Is there any way to use some sort of revision control for .deb
installs, outside of snapshots on a VM?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I am working through the following wiki:
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO#Set_up_the_Linux_server
I'm good till I get to this area:
Configuration of radiusd.conf
Open this file and proceed to the section:
# Microsoft CHAP authentication
Make
@lists.freeradius.org]
*On Behalf Of *Raymond Norton
*Sent:* Wednesday, February 16, 2011 12:04 PM
*To:* FreeRadius users mailing list
*Subject:* wiki question
I am working through the following wiki:
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO#Set_up_the_Linux_server
I'm
I get an empty page for this link:
http://deployingradius.com/documents/configuration/active_directory.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I had installed openssl and freeradius (deb package) on Ubuntu 10.04,
but had made a mess of things and decided to just purge everything and
start over. Freeradius will not start now, because the symlinks and
radiusd.conf file were not reproduced.:
rlm_eap: SSL error error:02001002:system
Couldn't get make or ./bootstrap to work, even though I have
build-essentials installed and am running commands as root.
Plan B for simple eap (If you are getting certificate errors when
starting freeradius):
I know this is a hack, but it worked the first time for me.
Remove all files and
I am attempting to edit the ldap module to pass the mac address from the
wireless client as the user. I have changed the basedn, but not sure how
to change the filter.
Here is what I have :
ldap {
#
# Note that this needs to match the name in the LDAP
# server
I have a working set up using wpa2 with freeradius and ldap. I need to
set up host authentication instead of user authentication. I am using
LAM to manage ldap and have added a couple host accounts, but I keep
getting a login page from the hotspot. The problem could be a config
issue on any
Got things working (yeah!)
Had to reset the users password with ldappassword. For some reason
freeradius couldn't read what was exported to the ldif file. Once I
changed passwords with ldappassword, radtest and WPA worked perfectly.
Also had to comment out this line in /etc/ldap/slapd.conf:
ldapsearch -x -b uid=billy,ou=People,dc=lctn,dc=org (on remote ldap server)
Command successfully displays information on user.
radtest raymond password 127.0.0.1 1 testing123 (on freeradius server)
Displays local user info
radtest billy password 127.0.0.1 1 testing123 (on freeradius
Whoops... /modules/ldap is on the local freeradius server, not the the
remote ldap server.
/modules/ldap: (on remote ldap server)
ldap {
server = 10.10.3.1
basedn = dc=lctn,dc=org
filter = (uid=%{Stripped-User-Name:-%{User-Name}})
/etc/ldap/slapd.conf (on remote
The FAQ says to use radiusd -X debug.txt for debug.
I get the following:
The program 'radiusd' can be found in the following packages:
* radiusd-livingston
* xtradius
* yardradius
Is there another way to launch debug mode in version 2.1?
-
List info/subscribe/unsubscribe? See
Yes, but when I try to use -X , it says:
Usage: /etc/init.d/freeradius start|stop|restart|force-reload
On 6/24/2010 10:18 AM, Alan DeKok wrote:
Raymond Norton wrote:
The FAQ says to use radiusd -X debug.txt for debug.
I get the following:
The program 'radiusd' can be found
That brings me back to my first post-no radiusd.
On 6/24/2010 10:26 AM, Phil Mayers wrote:
On 24/06/10 16:23, Raymond Norton wrote:
Yes, but when I try to use -X , it says:
Usage: /etc/init.d/freeradius start|stop|restart|force-reload
That's the init script. Run the daemon directly
Got debug working with /usr/sbin/freeradius -X
On 6/24/2010 10:32 AM, Raymond Norton wrote:
That brings me back to my first post-no radiusd.
On 6/24/2010 10:26 AM, Phil Mayers wrote:
On 24/06/10 16:23, Raymond Norton wrote:
Yes, but when I try to use -X , it says:
Usage: /etc/init.d
Debug:
FreeRADIUS Version 2.1.0, for host i486-pc-linux-gnu, built on Sep 17
2009 at 17:22:02
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of
I misunderstood the instructions. Made the change, and I see now that I
am at least connecting to the ldap server, but still getting rejected.
I changed the basedn to ou=People,dc=lctn,dc=org for this test.
(ldapsearch is below)
FreeRADIUS Version 2.1.0, for host i486-pc-linux-gnu, built on
, John Dennis wrote:
On 06/24/2010 12:21 PM, Raymond Norton wrote:
[ldap] looking for reply items in directory...
WARNING: No known good password was found in LDAP. Are you sure that
the user is configured correctly?
You don't have the userPassword mapped in /etc/raddb/ldap.attrmap
But even if you
No. This is a new install. Nothing has been copied over.
Thanks for the pointers.
I will keep working at it.
I hope you didn't just copy 1.x configuration over to 2.x, they aren't
compatible.
I see from your debug output you're running 2.1.0 but the current
version is 2.1.9. To the
I have been reading and looking at similar post non-stop and have an
idea what is wrong, but am not sure how to fix it.
I understand there may be a need to map ldap and radius attributes and I
have found a couple examples, but I am not entirely sure what the
changes should be.
It seems the
wrote:
Raymond Norton wrote:
I have been reading and looking at similar post non-stop and have an
idea what is wrong, but am not sure how to fix it.
Sorry... but the symptoms here are clear. Many, many, posts, full of
confused what do I do now questions.
It's not that hard. Stop
I successfully configured freeradius (version 1.x Ubuntu) to use ldap on
a localhost via WPA. I am trying to setup version 2.1 (Ubuntu) to use a
remote ldap server now. The module loads fine and I made what I believed
were the correct changes to connect to the remote server, but I have
missed
41 matches
Mail list logo