freeradius
0.4, solaris 8, openldap 2.0.18
My problem is
this, I can authenticate fine against LDAP, but when I enable CHAP in my testing
client, I get Attribute "Password" is required for authentication. Cannot use
"CHAP-Password". If I remove ldap from the authenticate section of
radiusd.conf and add chap, add ldap and chap to the authorize section, I get the
following error:
auth: type
"Ldap"
auth: Failed to validate the user.
auth: Failed to validate the user.
This is odd to
me because I am able to authenticate against the ldap when i re-add ldap to
authenticate
auth: type
"Ldap"
modcall: entering group authenticate
rlm_ldap: - authenticate
modcall[authenticate]: module "ldap" returns ok
modcall: group authenticate returns ok
Sending Access-Accept of id 52 to 10.10.1.141:39493
Finished request 0
modcall: entering group authenticate
rlm_ldap: - authenticate
modcall[authenticate]: module "ldap" returns ok
modcall: group authenticate returns ok
Sending Access-Accept of id 52 to 10.10.1.141:39493
Finished request 0
Is there
something wrong with this config file?
ldap
{
server = "slabauth01"
identity = "cn=radiusAuth,o=west"
password = passWord
basedn = "o=west"
filter = "(& (RadiusUserID=%u) (accountStatus=1))"
dictionary_mapping = ${raddbdir}/ldap.attrmap
timeout = 4
timelimit = 3
net_timeout = 1
password_header = "{clear}"
password_attribute = userPassword
server = "slabauth01"
identity = "cn=radiusAuth,o=west"
password = passWord
basedn = "o=west"
filter = "(& (RadiusUserID=%u) (accountStatus=1))"
dictionary_mapping = ${raddbdir}/ldap.attrmap
timeout = 4
timelimit = 3
net_timeout = 1
password_header = "{clear}"
password_attribute = userPassword
}
chap
{
AuthType = CHAP
}
AuthType = CHAP
}
authorize
{
preprocess
ldap
chap
}
preprocess
ldap
chap
}
authenticate {
unix
#ldap
unix
#ldap
authtype
CHAP{
chap
}
chap
}
}