Hi all I am trying to setup freeradius on an OES2 server to authenticate via ldap to edir. I have been following the document freeradius-edir from here http://www.novell.com/coolsolutions/assets/freeradius-edir.pdf , but now i am stuck. Radping works shown as the first login, but wireless fails shown after the broken line. Can anyone shed some light on what might be wrong?
Thanks in advance Mark radius2:/home/radius # radiusd -x Starting - reading configuration files ... Module: Loaded exec rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP Module: Instantiated mschap (mschap) Module: Loaded System Module: Instantiated unix (unix) Module: Loaded LDAP rlm_ldap: Registering ldap_groupcmp for Ldap-Group rlm_ldap: Registering ldap_xlat with xlat_name ldap rlm_ldap: reading ldap<->radius mappings from file /etc/raddb/ldap.attrmap rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$ rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$ rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network rlm_ldap: LDAP radiusClass mapped to RADIUS Class rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message conns: 0x80125f20 Module: Instantiated ldap (ldap) Module: Loaded eap rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap rlm_eap: Loaded and initialized type gtc rlm_eap_tls: Loading the certificate file as a chain rlm_eap: Loaded and initialized type tls rlm_eap: Loaded and initialized type ttls rlm_eap: Loaded and initialized type peap rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess Module: Instantiated preprocess (preprocess) Module: Loaded realm Module: Instantiated realm (suffix) Module: Loaded files Module: Instantiated files (files) Module: Loaded Acct-Unique-Session-Id Module: Instantiated acct_unique (acct_unique) Module: Loaded detail Module: Instantiated detail (detail) Module: Loaded radutmp Module: Instantiated radutmp (radutmp) Initializing the thread pool... Listening on authentication 172.17.152.34:1812 Listening on accounting 172.17.152.34:1813 Ready to process requests. rad_recv: Access-Request packet from host 10.152.0.61:1851, id=27, length=46 User-Name = "mjones" User-Password = "xxxxx" rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. rlm_ldap: - authenticate rlm_ldap: login attempt by "mjones" with password "xxxx" rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: (re)connect to 172.17.152.4:636, authentication 0 rlm_ldap: setting TLS mode to 1 rlm_ldap: setting TLS CACert File to /etc/raddb/certs/rootder.b64 rlm_ldap: setting TLS CACert Directory to /etc/raddb/certs/ rlm_ldap: setting TLS Require Cert to demand rlm_ldap: bind as cn=adm_radius,o=hpsd_48/xxxxx to 172.17.152.4:636 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: ldap_release_conn: Release Id: 0 rlm_ldap: user DN: cn=Mjones,o=HPSD_48 rlm_ldap: (re)connect to 172.17.152.4:636, authentication 1 rlm_ldap: setting TLS mode to 1 rlm_ldap: setting TLS CACert File to /etc/raddb/certs/rootder.b64 rlm_ldap: setting TLS CACert Directory to /etc/raddb/certs/ rlm_ldap: setting TLS Require Cert to demand rlm_ldap: bind as cn=Mjones,o=HPSD_48/xxxxx to 172.17.152.4:636 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: user mjones authenticated succesfully Login OK: [mjones] (from client xxxxxx port 0) ----------------------------------------------------------------------------------------------------- Sending Access-Accept of id 27 to 10.152.0.61 port 1851 rad_recv: Access-Request packet from host 10.152.0.100:36595, id=29, length=194 NAS-IP-Address = 10.152.0.100 NAS-Port = 0 NAS-Port-Type = Wireless-802.11 User-Name = "mjones" Calling-Station-Id = "0022FA4B4F18" Called-Station-Id = "000B86611894" MS-CHAP-Challenge = 0x31f67b603f85bedb36920a24a8519b6b MS-CHAP2-Response = 0x0700ac3bda3013be2b60fd6c451363cf5b470000000000000000021dd9e1c54f208a9d350faa59da531e667ca8ec1a5678f9 Service-Type = Login-User Aruba-Essid-Name = "HPSD_RAD2" Aruba-Location-Id = "Tech 01" rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. Login incorrect: [mjones] (from client xxxxxx port 0 cli 0022FA4B4F18) rad_recv: Access-Request packet from host 10.152.0.100:36595, id=29, length=194 Sending Access-Reject of id 29 to 10.152.0.100 port 36595 -- View this message in context: http://freeradius.1045715.n5.nabble.com/Radping-Works-Wireless-fails-tp3348813p3348813.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html