Radtest and real result different. (LDAP Crypt EAP MD5)

Chan Min Wai (System Administrator) Wed, 24 Nov 2004 02:06:42 -0800

Sear All,

I'm not sure what is but the result using radtest and the result using switch
is different Below.


Can anyone tell me why? 
I'm using LDAP (with {crypt} password)
And Freeradius 1.01 from the Fc2 update

Please Give me a hands... I require your help.

Using with a Swith
===================
rad_recv: Access-Request packet from host 192.168.0.18:8021, id=41, length=214
        Framed-MTU = 1466
        NAS-IP-Address = 192.168.0.18
        NAS-Identifier = "CAN_OECTEST"
        User-Name = "[EMAIL PROTECTED]"
        Service-Type = Framed-User
        NAS-Port = 113
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "ether8_113"
        Called-Station-Id = "00-0f-3d-ce-1a-54"
        Calling-Station-Id = "00-0d-88-6f-48-24"
        Connect-Info = "CONNECT Ethernet 2Mbps Full duplex"
        EAP-Message = 0x020100180164636d776169406f636573622e636f6d2e6d79
        Message-Authenticator = 0xb67f21b0e55400bd4553873e4637ac81
rad_lowerpair:  User-Name now '[EMAIL PROTECTED]'
rad_rmspace_pair:  User-Name now '[EMAIL PROTECTED]'
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: Looking up realm "ocesb.com.my" for User-Name =
"[EMAIL PROTECTED]"
    rlm_realm: Found realm "ocesb.com.my"
    rlm_realm: Adding Stripped-User-Name = "dcmwai"
    rlm_realm: Proxying request from user dcmwai to realm ocesb.com.my
    rlm_realm: Adding Realm = "ocesb.com.my"
    rlm_realm: Authentication realm is LOCAL.
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 1 length 24
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
    users: Matched DEFAULT at 152
    users: Matched DEFAULT at 171
    users: Matched DEFAULT at 227
  modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns updated for request 0
  Processing the authorize section of radiusd.conf
modcall: entering group Autz-Type for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for dcmwai
radius_xlat:  '(uid=dcmwai)'
radius_xlat:  'dc=.'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as cn=Manager,dc=./oceldap1 to localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in dc=., with filter (uid=dcmwai)
rlm_ldap: checking if remote access for dcmwai is allowed by dialupAccess
rlm_ldap: Added password $1$EX0s9CVO$D/mfGk3OKV2OnYgzaFn.X1 in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user dcmwai authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ocesbldap" returns ok for request 0
modcall: group Autz-Type returns ok for request 0
  rad_check_password:  Found Auth-Type ldap-ocesb
auth: type "ldap-ocesb"
  Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password" is required for authentication.
  modcall[authenticate]: module "ocesbldap" returns invalid for request 0
modcall: group Auth-Type returns invalid for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0


radtest result
====================
rad_recv: Access-Request packet from host 127.0.0.1:32773, id=40, length=71
        User-Name = "[EMAIL PROTECTED]"
        User-Password = "251483C"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1
rad_lowerpair:  User-Name now '[EMAIL PROTECTED]'
rad_rmspace_pair:  User-Name now '[EMAIL PROTECTED]'
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: Looking up realm "ocesb.com.my" for User-Name =
"[EMAIL PROTECTED]"
    rlm_realm: Found realm "ocesb.com.my"
    rlm_realm: Adding Stripped-User-Name = "dcmwai"
    rlm_realm: Proxying request from user dcmwai to realm ocesb.com.my
    rlm_realm: Adding Realm = "ocesb.com.my"
    rlm_realm: Authentication realm is LOCAL.
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 1
    users: Matched DEFAULT at 152
    users: Matched DEFAULT at 227
  modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns ok for request 1
  Processing the authorize section of radiusd.conf
modcall: entering group Autz-Type for request 1
rlm_ldap: - authorize
rlm_ldap: performing user authorization for dcmwai
radius_xlat:  '(uid=dcmwai)'
radius_xlat:  'dc=.'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=., with filter (uid=dcmwai)
rlm_ldap: checking if remote access for dcmwai is allowed by dialupAccess
rlm_ldap: Added password $1$EX0s9CVO$D/mfGk3OKV2OnYgzaFn.X1 in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user dcmwai authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ocesbldap" returns ok for request 1
modcall: group Autz-Type returns ok for request 1
  rad_check_password:  Found Auth-Type ldap-ocesb
auth: type "ldap-ocesb"
  Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 1
rlm_ldap: - authenticate
rlm_ldap: login attempt by "dcmwai" with password "251483C"
rlm_ldap: user DN: uid=dcmwai,ou=People,dc=ocesb,dc=com,dc=my,dc=.
rlm_ldap: (re)connect to localhost:389, authentication 1
rlm_ldap: bind as uid=dcmwai,ou=People,dc=ocesb,dc=com,dc=my,dc=./251483C to
localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: user dcmwai authenticated succesfully
  modcall[authenticate]: module "ocesbldap" returns ok for request 1
modcall: group Auth-Type returns ok for request 1
  Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 1
rlm_ippool: Could not find Pool-Name attribute.
  modcall[post-auth]: module "main_pool" returns noop for request 1
rlm_sql (sql): Processing sql_postauth
radius_xlat:  '[EMAIL PROTECTED]'
rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]'
radius_xlat:  'INSERT into radpostauth (id, user, pass, reply, date) values
('', '[EMAIL PROTECTED]', '251483C', 'Access-Accept', NOW())'
rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user,
pass, reply, date) values ('', '[EMAIL PROTECTED]', '251483C',
'Access-Accept', NOW())
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): Released sql socket id: 4
  modcall[post-auth]: module "sql" returns ok for request 1
modcall: group post-auth returns ok for request 1
Sending Access-Accept of id 40 to 127.0.0.1:32773
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...

 

--
OCE Sdn Bhd Webmail(http://www.ocesb.com.my)


-- 
This message has been scanned for viruses and dangerous content by 
OCE Sdn Bhd (http://www.ocesb.com.my) MailScanner, and is believed to be clean.



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Radtest and real result different. (LDAP Crypt EAP MD5)

Reply via email to