I posted a working config for your exact problem last week. Take Johns advice. Thanks
-----Original Message----- From: freeradius-users-bounces+midnightsteel=msn....@lists.freeradius.org [mailto:freeradius-users-bounces+midnightsteel=msn....@lists.freeradius.org] On Behalf Of Rafal Kaminski Sent: Monday, November 01, 2010 10:59 AM To: freeradius-users@lists.freeradius.org Subject: Re: Problem with LDAP and SSHA password W dniu 11/1/10 3:56 PM, Rafał Kamiński pisze: > Hi, > > I configured Freeradius + Ldap and ssha Password like userPassword but > when I try connect I have this debug log: > > ---CUT--- Ok - my bad :) I clicked "Send" fast. ---CUT--- Mon Nov 1 14:53:39 2010 : Debug: rlm_ldap: LDAP attribute userPassword as RADIUS attribute Password == "{SHA}izxUUJlzMp1DyX5R9DSblXZBpjI=" Mon Nov 1 14:53:39 2010 : Debug: rlm_ldap: LDAP attribute userPassword as RADIUS attribute User-Password == "{SHA}izxUUJlzMp1DyX5R9DSblXZBpjI=" Mon Nov 1 14:53:39 2010 : Debug: rlm_ldap: looking for reply items in directory... Mon Nov 1 14:53:39 2010 : Debug: rlm_ldap: user rafal.kaminski authorized to use remote access Mon Nov 1 14:53:39 2010 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0 Mon Nov 1 14:53:39 2010 : Debug: modsingle[authorize]: returned from ldap (rlm_ldap) for request 0 Mon Nov 1 14:53:39 2010 : Debug: ++[ldap] returns ok Mon Nov 1 14:53:39 2010 : Debug: modsingle[authorize]: calling expiration (rlm_expiration) for request 0 Mon Nov 1 14:53:39 2010 : Debug: modsingle[authorize]: returned from expiration (rlm_expiration) for request 0 Mon Nov 1 14:53:39 2010 : Debug: ++[expiration] returns noop Mon Nov 1 14:53:39 2010 : Debug: modsingle[authorize]: calling logintime (rlm_logintime) for request 0 Mon Nov 1 14:53:39 2010 : Debug: modsingle[authorize]: returned from logintime (rlm_logintime) for request 0 Mon Nov 1 14:53:39 2010 : Debug: ++[logintime] returns noop Mon Nov 1 14:53:39 2010 : Debug: modsingle[authorize]: calling pap (rlm_pap) for request 0 Mon Nov 1 14:53:39 2010 : Debug: rlm_pap: Found existing Auth-Type, not changing it. Mon Nov 1 14:53:39 2010 : Debug: modsingle[authorize]: returned from pap (rlm_pap) for request 0 Mon Nov 1 14:53:39 2010 : Debug: ++[pap] returns noop Mon Nov 1 14:53:39 2010 : Debug: rad_check_password: Found Auth-Type EAP Mon Nov 1 14:53:39 2010 : Debug: auth: type "EAP" Mon Nov 1 14:53:39 2010 : Debug: WARNING: Unknown value specified for Auth-Type. Cannot perform requested action. Mon Nov 1 14:53:39 2010 : Debug: auth: Failed to validate the user. Mon Nov 1 14:53:39 2010 : Auth: Login incorrect: [rafal.kaminski/<via Auth-Type = EAP>] (from client 192.168.37.3 port 0) Mon Nov 1 14:53:39 2010 : Debug: Found Post-Auth-Type Reject Mon Nov 1 14:53:39 2010 : Debug: +- entering group REJECT Mon Nov 1 14:53:39 2010 : Debug: modsingle[post-auth]: calling attr_filter.access_reject (rlm_attr_filter) for request 0 Mon Nov 1 14:53:39 2010 : Debug: expand: %{User-Name} -> rafal.kaminski Mon Nov 1 14:53:39 2010 : Debug: attr_filter: Matched entry DEFAULT at line 11 Mon Nov 1 14:53:39 2010 : Debug: modsingle[post-auth]: returned from attr_filter.access_reject (rlm_attr_filter) for request 0 Mon Nov 1 14:53:39 2010 : Debug: ++[attr_filter.access_reject] returns updated Mon Nov 1 14:53:39 2010 : Debug: Delaying reject of request 0 for 1 seconds Mon Nov 1 14:53:39 2010 : Debug: Going to the next request Mon Nov 1 14:53:39 2010 : Debug: Waking up in 0.9 seconds. Mon Nov 1 14:53:40 2010 : Debug: Sending delayed reject for request 0 Sending Access-Reject of id 217 to 192.168.37.3 port 1812 ---END-CUT--- Where is the problem? Thanks for help, because I can't resolve that problem for 2-3 days :( -- Rafal Kaminski System Administrator Young Internet GmbH Torstraße 35 10119 Berlin Germany - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html