I've got a dout. The rlm_ldap does support LDAPv3? Because I trying to connect to LDAP Server does support LDAPv2 and the freeradius does running ok
> -----Mensaje original----- > De: Robert Canary [mailto:[EMAIL PROTECTED] > Enviado el: martes, 25 de febrero de 2003 12:48 > Para: [EMAIL PROTECTED] > Asunto: Re: RV: freeradius-ldap is not running > > I don't _know_ it is wrong, I have only seen ldap dn (ones with access > to passwords) include a cn of the a user configures in the ACL to see > passwords. Your basedn dosen't have that, curious. > > Federico Edelman wrote: > > > > Ok! But, I think, the freeradius should be warns me if the basedn has > wrong. > > I don't like guest error. > > My basedn is that. > > > > Why do you say the basedn is wrong? > > > > Thanks very much. > > Fede > > > > > -----Mensaje original----- > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > Enviado el: lunes, 24 de febrero de 2003 20:40 > > > Para: [EMAIL PROTECTED] > > > Asunto: Re: RV: freeradius-ldap is not running > > > > > > You have ldap configured in the radius. You have ldap configured to > be > > > a default fall-through. I understand your ldap server is working > fine. > > > I'm saying the radius server isn't talking to the ldap server, _maybe_ > > > because the basedn is set wrong. > > > > > > Federico Edelman wrote: > > > > > > > > My LDAP server works fine. I'm using the LDAP server for other > services. > > > > > > > > > -----Mensaje original----- > > > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > > > Enviado el: lunes, 24 de febrero de 2003 15:35 > > > > > Para: [EMAIL PROTECTED] > > > > > Asunto: Re: RV: freeradius-ldap is not running > > > > > > > > > > I think you should look at your ldap server logs. Your "basedn" > > > dosen't > > > > > look right to me. I think it should be something like, > > > > > "cn=user-that-can-read-passwords,dc=example,dc=com" > > > > > > > > > > Federico Edelman wrote: > > > > > > > > > > > > I can't get a response. > > > > > > Somebody know about this trouble? > > > > > > > > > > > > -----Mensaje original----- > > > > > > De: Federico Edelman > > > > > > Enviado el: jueves, 20 de febrero de 2003 10:29 > > > > > > Para: [EMAIL PROTECTED] > > > > > > Asunto: RE: freeradius-ldap is not running > > > > > > > > > > > > Robert: > > > > > > This is the complete log file. > > > > > > > > > > > > > -----Mensaje original----- > > > > > > > De: Robert Canary [mailto:[EMAIL PROTECTED] > > > > > > > Enviado el: miércoles, 19 de febrero de 2003 17:54 > > > > > > > Para: [EMAIL PROTECTED] > > > > > > > Asunto: Re: freeradius-ldap is not running > > > > > > > > > > > > > > Why did you snip-it? We need the rest of the lof file. > > > > > > > > > > > > > > Do this radiusd -X >/var/log/radiusd_dbg_con.log > > > > > > > > > > > > > > It is esasier to capture the error messages that way. > > > > > > > > > > > > > > Also what shows up in your freeradius logs during this time? > > > > > > > > > > > > > > Federico Edelman wrote: > > > > > > > > > > > > > > > > Hi guys, > > > > > > > > I'm newbie with freeradius. I'm running freeradius- > 0.8.1 > > > on > > > > > > > > Linux Debian 3.1. The LDAP server/client is openldap-2.1.12. > > > > > > > > > > > > > > > > I've compiled the freeradius with: > > > > > > > > > > > > > > > > # LD_LIBRARY_PATH="/usr/local/openldap/lib:/usr/local/lib" > > > > > > > > # LDFLAGS="-L/usr/local/openldap/lib -L/usr/local/lib" > > > > > > > > # CFLAGS="-O -g -I/usr/local/openldap/include - > > > I/usr/local/include" > > > > > > > > # CC="gcc" > > > > > > > > # export LD_LIBRARY_PATH LDFLAGS CFLAGS CC > > > > > > > > # ./configure --prefix=/usr/local/freeradius --with- > > > > > > > > openldap=/usr/local/openldap > > > > > > > > # make > > > > > > > > # make install > > > > > > > > > > > > > > > > All's ok. > > > > > > > > > > > > > > > > I've run: > > > > > > > > # /usr/local/freeradius/sbin/radiusd -X > > > > > > > > And... > > > > > > > > # /usr/local/freeradius/bin/radtest > > > > > > > > > > > > > > > > All's ok. The radtest connect with radiusd successfully. > > > > > > > > > > > > > > > > But, When I setting up the radius with LDAP support the > radiusd > > > exit > > > > > and > > > > > > > > not running. > > > > > > > > > > > > > > > > The radius ldap configuration: > > > > > > > > > > > > > > > > My /usr/local/freeradius/etc/raddb/radiusd.conf: > > > > > > > > ---- snip snip ---- > > > > > > > > ldap { > > > > > > > > server = "myldapserver" > > > > > > > > basedn = "ou=people,dc=rootldap" > > > > > > > > filter = "((posixAccount)(uid=%u))" > > > > > > > > start_tls = no > > > > > > > > tls_mode = no > > > > > > > > dictionary_mapping = > ${raddbdir}/ldap.attrmap > > > > > > > > ldap_connections_number = 5 > > > > > > > > timeout = 4 > > > > > > > > timelimit = 3 > > > > > > > > net_timeout = 1 > > > > > > > > } > > > > > > > > authenticate { > > > > > > > > authtype LDAP { > > > > > > > > ldap > > > > > > > > } > > > > > > > > } > > > > > > > > ---- snip snip ---- > > > > > > > > my /usr/local/freeradius/etc/raddb/dictionary: > > > > > > > > ---- snip snip ---- > > > > > > > > # > > > > > > > > # Non-Protocol Integer Translations > > > > > > > > # > > > > > > > > > > > > > > > > VALUE Auth-Type Local > > > 0 > > > > > > > > VALUE Auth-Type System > > > 1 > > > > > > > > VALUE Auth-Type SecurID > > > 2 > > > > > > > > VALUE Auth-Type Crypt-Local > > > 3 > > > > > > > > VALUE Auth-Type Reject > > > 4 > > > > > > > > VALUE Auth-Type ActivCard > > > 4 > > > > > > > > VALUE Auth-Type LDAP > > > 5 > > > > > > > > ---- snip snip ---- > > > > > > > > my /usr/local/freeradius/etc/raddb/users: > > > > > > > > ---- snip snip ---- > > > > > > > > DEFAULT Auth-Type := LDAP > > > > > > > > Fall-Through = 1 > > > > > > > > ---- snip snip ---- > > > > > > > > > > > > > > > > My ldif user: > > > > > > > > > > > > > > > > ---- snip snip ---- > > > > > > > > dn: uid=test,ou=people,dc=claxson > > > > > > > > objectClass: top > > > > > > > > objectClass: account > > > > > > > > objectClass: posixAccount > > > > > > > > ou: people > > > > > > > > uid: test > > > > > > > > cn: TestUser > > > > > > > > loginShell: /bin/bash > > > > > > > > homeDirectory: /home/test > > > > > > > > gecos: Test User > > > > > > > > uidNumber: 1001 > > > > > > > > gidNumber: 1001 > > > > > > > > userPassword: {crypt}XXXXXXX > > > > > > > > ---- snip snip ---- > > > > > > > > > > > > > > > > When I run "radiusd -X" I get this: > > > > > > > > ---- snip snip ---- > > > > > > > > . > > > > > > > > . > > > > > > > > . > > > > > > > > Module: Loaded radutmp > > > > > > > > radutmp: filename = > > > "/usr/local/freeradius/var/log/radius/radutmp" > > > > > > > > radutmp: username = "%{User-Name}" > > > > > > > > radutmp: perm = 384 > > > > > > > > radutmp: callerid = yes > > > > > > > > Module: Instantiated radutmp (radutmp) > > > > > > > > main: smux_password = "" > > > > > > > > main: snmp_write_access = no > > > > > > > > SMUX connect try 1 > > > > > > > > SMUX open oid: 1.3.6.1.4.1.3317.1.3.1 > > > > > > > > SMUX open progname: radiusd > > > > > > > > SMUX open password: > > > > > > > > SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1 > > > > > > > > SMUX register priority: -1 > > > > > > > > SMUX register operation: 1 > > > > > > > > SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1 > > > > > > > > SMUX register priority: -1 > > > > > > > > SMUX register operation: 1 > > > > > > > > ---- snip snip ---- > > > > > > > > > > > > > > > > And... exit and radiusd isn't running. > > > > > > > > > > > > > > > > What can I do wrong? Any idea? > > > > > > > > > > > > > > > > Thanks very much. > > > > > > > > > > > > > > > > Federico > > > > > > > > > > > > > > > > - > > > > > > > > List info/subscribe/unsubscribe? See > > > > > > > http://www.freeradius.org/list/users.html > > > > > > > > > > > > > > - > > > > > > > List info/subscribe/unsubscribe? See > > > > > > > http://www.freeradius.org/list/users.html > > > > > > > > > > > > -------------------------------------------------------------- > ---- > > > ---- > > > > > -- > > > > > > Name: freeradius.log > > > > > > freeradius.log Type: LOG File (application/x-unknown- > > > content- > > > > > type-log_auto_file) > > > > > > Encoding: base64 > > > > > > Description: freeradius.log > > > > > > > > > > - > > > > > List info/subscribe/unsubscribe? See > > > > > http://www.freeradius.org/list/users.html > > > > > > > > - > > > > List info/subscribe/unsubscribe? See > > > http://www.freeradius.org/list/users.html > > > > > > - > > > List info/subscribe/unsubscribe? See > > > http://www.freeradius.org/list/users.html > > > > - > > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html