Hello all,

I am having trouble getting radius to work with ldap.  I think I have
the config file set up correctly because I see ldap requests in the debug.

I want to use pap and {crypt} for password encryption and according to 
the docs that should work.  But I can't seem to get it working in my 
lab.  Can anyone provide a sample ldif file that I could look at?

I would prefer for radius to bind as the user to get the attributes and 
authenticate.  It seems that this should work if I disable the identity 
option in the ldap module.

Anyway, here are some details if they help:

freeradius 0.4/openldap 2.0.21

Here is how I am starting radius:  radiusd -f -X -y
Here is how I am testing radius: radtest test test localhost 10 testing123

Here is some debug output:

rad_recv: Access-Request packet from host 127.0.0.1:32773, id=68, length=54
         User-Name = "test"
         Password = "y\255\347#\010Q]\346\264\262W\241\377\010\266\250"
         NAS-IP-Address = 255.255.255.255
         NAS-Port-Id = "10"
modcall: entering group authorize
   modcall[authorize]: module "preprocess" returns ok
   modcall[authorize]: module "suffix" returns ok
     users: Matched DEFAULT at 144
   modcall[authorize]: module "files" returns ok
rlm_ldap: - authorize
rlm_ldap: performing user authorization for test
radius_xlat:  '(uid=test)'
radius_xlat:  'dc=aptalaska,dc=net'
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as cn=Manager,dc=aptalaska,dc=net/secret
rlm_ldap: waiting for bind result ...
rlm_ldap: performing search in dc=aptalaska,dc=net, with filter (uid=test)
rlm_ldap: Added password GcuFt8zIt0v7E in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user test authorized to use remote access
   modcall[authorize]: module "ldap" returns ok
modcall: group authorize returns ok
   rad_check_password:  Found Auth-Type System
auth: type "System"
auth: Failed to validate the user.
Sending Access-Reject of id 68 to 127.0.0.1:32773
Finished request 0


Thanks,

schu


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
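
An added example, not part of the original post and not FreeRADIUS code: a small Python check over a `radiusd -X` trace like the one above. It reports which Auth-Type performed the password check and whether rlm_ldap supplied a password, and it masks the bind secret and stored password value before the trace is shared. The line formats are copied from the trace above; that Auth-Type System checks the host's system password database instead of the LDAP-supplied check item is an assumption about this FreeRADIUS version.

```python
import re

# Constructed input: lines abridged from the debug trace in the post above.
TRACE = """\
rlm_ldap: bind as cn=Manager,dc=aptalaska,dc=net/secret
rlm_ldap: Added password GcuFt8zIt0v7E in check items
   modcall[authorize]: module "ldap" returns ok
   rad_check_password:  Found Auth-Type System
auth: type "System"
auth: Failed to validate the user.
Sending Access-Reject of id 68 to 127.0.0.1:32773
"""

BIND = re.compile(r"^([ \t]*rlm_ldap: bind as .+/)\S+$", re.M)
LDAP_PW = re.compile(r"^([ \t]*rlm_ldap: Added password )\S+", re.M)
AUTH_TYPE = re.compile(r'^[ \t]*auth: type "([^"]+)"', re.M)
REJECT = re.compile(r"^[ \t]*Sending Access-Reject", re.M)

def summarize(trace):
    """Pull out the facts that decide how the password was checked."""
    auth = AUTH_TYPE.search(trace)
    return {
        "ldap_password": LDAP_PW.search(trace) is not None,
        "auth_type": auth.group(1) if auth else None,
        "bind_secret_logged": BIND.search(trace) is not None,
        "rejected": REJECT.search(trace) is not None,
    }

def findings(facts):
    out = []
    # Assumption: Auth-Type System validates against the host's system password
    # database, so a password that rlm_ldap put in the check items is not compared.
    if facts["ldap_password"] and facts["auth_type"] == "System":
        out.append("ldap supplied a password check item, but Auth-Type System did the check")
    if facts["bind_secret_logged"] or facts["ldap_password"]:
        out.append("trace exposes the LDAP bind secret or a stored password value")
    return out

def redact(trace):
    """Mask the bind secret and the stored password value, keep everything else."""
    return LDAP_PW.sub(r"\1[REDACTED]", BIND.sub(r"\1[REDACTED]", trace))

if __name__ == "__main__":
    for finding in findings(summarize(TRACE)):
        print("finding:", finding)
    print(redact(TRACE))
```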