Hi,

I am trying to authenticate a Cisco AP 1200 against FreeRadius through
LDAP. The following is the error I am getting after stage 2: "rlm_eap_leap:
No User-Password or NT-Password configured for this user". The LDAP
authentication is getting done, and the EAP is also getting started. But
the credentials from LDAP are not getting used for EAP.

Please suggest the reason for this error. Log is given below.

Joseph

===============================================================================
rad_recv: Access-Request packet from host 192.168.1.7:21645, id=245,
length=125
        User-Name = "FAnthony"
        Framed-MTU = 1400
        Called-Station-Id = "000e.d7b1.008b"
        Calling-Station-Id = "000f.2478.85cf"
        Message-Authenticator = 0x2f568765c076a1cc35ec515b50580740
        EAP-Message = 0x0202000d0146416e74686f6e79
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 485
        Service-Type = Framed-User
        NAS-IP-Address = 192.168.1.7
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  rlm_eap: EAP packet type notification id 2 length 13
  rlm_eap: EAP Start not found
  modcall[authorize]: module "eap" returns updated for request 0
    rlm_realm: No '@' in User-Name = "FAnthony", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
rlm_ldap: Entering ldap_groupcmp()
radius_xlat:  'o=MyOrg'
radius_xlat:  '(uid=FAnthony)'
ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 192.168.1.41:389, authentication 0
rlm_ldap: bind as cn=Admin,o=MyOrg/<removed> to 192.168.1.41:389
rlm_ldap: waiting for bind result ...
rlm_ldap: performing search in o=MyOrg, with filter (uid=FAnthony)
ldap_release_conn: Release Id: 0
radius_xlat:  '(&(uid=FAnthony)(objectclass=top))'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in OU=MyLoc,O=MyOrg, with filter
(&(uid=FAnthony)(objectclass=top))
rlm_ldap::ldap_groupcmp: User found in group OU=MyLoc,O=MyOrg
ldap_release_conn: Release Id: 0
    users: Matched DEFAULT at 156
    users: Matched DEFAULT at 175
  modcall[authorize]: module "files" returns ok for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for FAnthony
radius_xlat:  '(uid=FAnthony)'
radius_xlat:  'o=MyOrg'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in o=MyOrg, with filter (uid=FAnthony)
rlm_ldap: checking if remote access for FAnthony is allowed by
proposedaltorgunit
rlm_ldap: Password header not found in password (91CA0741343JHUG6C9A32A21F)
for user FAnthony
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user FAnthony authorized to use remote access
ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 0
modcall: group authorize returns updated for request 0
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 0
  rlm_eap: EAP packet type notification id 2 length 13
  rlm_eap: EAP Start not found
  rlm_eap: EAP Identity
  rlm_eap: processing type leap
  rlm_eap_leap: Stage 2
  rlm_eap_leap: Issuing AP Challenge
  rlm_eap_leap: Successfully initiated
  modcall[authenticate]: module "eap" returns ok for request 0
modcall: group authenticate returns ok for request 0
modcall: entering group post-auth for request 0
radius_xlat:  '/var/log/radius/radacct/192.168.1.7/reply-detail-20040524'
rlm_detail:
/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to
/var/log/radius/radacct/192.168.1.7/reply-detail-20040524
  modcall[post-auth]: module "reply_log" returns ok for request 0
modcall: group post-auth returns ok for request 0
Sending Access-Challenge of id 245 to 192.168.1.7:21645
        Framed-IP-Address = 255.255.255.254
        Framed-MTU = 576
        Service-Type = Framed-User
        EAP-Message = 0x0103001811010008b94601729c9a3dd446416e74686f6e79
        Message-Authenticator = 0x00000000000000000000000000000000
        State =
0xe3166619f4e5ebeceeecf4c8ad538f14c2b3b1406fa168fb18df0f59e7687b3844c0e160
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 192.168.1.7:21645, id=246,
length=190
        User-Name = "FAnthony"
        Framed-MTU = 1400
        Called-Station-Id = "000e.d7b1.008b"
        Calling-Station-Id = "000f.2478.85cf"
        Message-Authenticator = 0xbbf0ade28f802ee85b254d14fd07308c
        EAP-Message =
0x0203002811010018e24bd48592abbef7378f8fc67fcd97fe01e0cfd3cba39e1446416e74686f6e79
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 485
        State =
0xe3166619f4e5ebeceeecf4c8ad538f14c2b3b1406fa168fb18df0f59e7687b3844c0e160
        Service-Type = Framed-User
        NAS-IP-Address = 192.168.1.7
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  rlm_eap: EAP packet type notification id 3 length 40
  rlm_eap: EAP Start not found
  modcall[authorize]: module "eap" returns updated for request 1
    rlm_realm: No '@' in User-Name = "FAnthony", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
rlm_ldap: Entering ldap_groupcmp()
radius_xlat:  'o=MyOrg'
radius_xlat:  '(uid=FAnthony)'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in o=MyOrg, with filter (uid=FAnthony)
ldap_release_conn: Release Id: 0
radius_xlat:  '(&(uid=FAnthony)(objectclass=top))'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in OU=MyLoc,O=MyOrg, with filter
(&(uid=FAnthony)(objectclass=top))
rlm_ldap::ldap_groupcmp: User found in group OU=MyLoc,O=MyOrg
ldap_release_conn: Release Id: 0
    users: Matched DEFAULT at 156
    users: Matched DEFAULT at 175
  modcall[authorize]: module "files" returns ok for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
rlm_ldap: - authorize
rlm_ldap: performing user authorization for FAnthony
radius_xlat:  '(uid=FAnthony)'
radius_xlat:  'o=MyOrg'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in o=MyOrg, with filter (uid=FAnthony)
rlm_ldap: checking if remote access for FAnthony is allowed by
proposedaltorgunit
rlm_ldap: Password header not found in password
(91CA0GFYG78673936C9A32A421F) for user FAnthony
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user FAnthony authorized to use remote access
ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 1
modcall: group authorize returns updated for request 1
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 1
  rlm_eap: EAP packet type notification id 3 length 40
  rlm_eap: EAP Start not found
  rlm_eap: Request found, released from the list
  rlm_eap: EAP_TYPE - leap
  rlm_eap: processing type leap
rlm_eap_leap: No User-Password or NT-Password configured for this user
  modcall[authenticate]: module "eap" returns invalid for request 1
modcall: group authenticate returns invalid for request 1
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 192.168.1.7:21645, id=246,
length=190
Sending Access-Reject of id 246 to 192.168.1.7:21645
        EAP-Message = 0x04030004
        Message-Authenticator = 0x00000000000000000000000000000000
--- Walking the entire request list ---
Cleaning up request 0 ID 245 with timestamp 40b1b3c1
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 246 with timestamp 40b1b3c2
Nothing to do.  Sleeping until we see a request.