not getting authentication in 1.1.0

2007-09-14 Thread mallika 

As you said i compiled my code in 1.1.0 because for intermediate CA
authentication 1.0.x series won't work but in 1.1.0 after compilation user
not getting authenticated.iam sending logs . authentication type is not
getting.please can help what are the things should i change in 1.1.0.



radius_xlat:  '(cn=default)'
radius_xlat:  'ou=users,dc=example,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=users,dc=example,dc=com, with filter
(cn=default)
rlm_ldap: performing search in cn=default, ou=profiles,dc=example,dc=com,
with filter (objectclass=radiusprofile)
rlm_ldap: Adding radiusTunnelPrivateGroupId as Tunnel-Private-Group-Id,
value 1  op=11
rlm_ldap: Adding radiusTunnelMediumType as Tunnel-Medium-Type, value 6 
op=11
rlm_ldap: Adding radiusTunnelType as Tunnel-Type, value 13  op=11
rlm_ldap: Adding radiusSessionTimeout as Session-Timeout, value 1800  op=11
rlm_ldap: Adding radiusClass as Class, value default  op=11
rlm_ldap: Added password default in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding ntPassword as NT-Password, value
7D891AB402CAF2E89CCDD33ED54333AC  op=21
rlm_ldap: Adding lmPassword as LM-Password, value
29D5C31BFF3D8D25AAD3B435B51404EE  op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user default authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
*** AGENT Modifications*
  modcall[authorize]: module localhost returns ok for request 1
modcall: leaving group authorize (returns ok) for request 1
  rad_check_password:  Found Auth-Type EAP
auth: type 
  ERROR: Unknown value specified for Auth-Type.  Cannot perform requested
action.
rad_check_password() Returns: -1
auth: Failed to validate the user.
xmlMessage: User default Failed Authentication
Login incorrect: [default/no User-Password attribute] (from client rad
port 0 cli 00-0F-76-00-87-D6)
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request

-- 
View this message in context: 
http://www.nabble.com/not-getting-authentication-in-1.1.0-tf4442509.html#a12675286
Sent from the FreeRadius - User mailing list archive at Nabble.com.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: intermediate CA authentication failing

2007-09-13 Thread mallika 

Thank you very much for your reply.Which freeradius server version will
support this facility.Because we are implenting it in our product.We are
using  CENT OS -kernel 2.4.20 .Is there any patches are available to upgrade
freeradius.please help me. 


Alan DeKok-4 wrote:
 
 mallika wrote:
 I am using freeradius 1.0.2.
 
   Why?
 
 ...in that case it is not checking for certificate chain
 deapth. IT is giving error 22 and unknown CA.please can any body help me
 .
 
   Because 1.0.2 doesn't have that functionality.
 
   Upgrade to the most recent version of the server.
 
   Alan DeKok.
 -
 List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html
 
 

-- 
View this message in context: 
http://www.nabble.com/intermediate-CA-authentication-failing-tf4433620.html#a12649276
Sent from the FreeRadius - User mailing list archive at Nabble.com.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

intermediate CA authentication failing

2007-09-12 Thread mallika 

I am using freeradius 1.0.2. By  using the openssl i created selfsigned root
certificate and from that i created intermediate ca certificate.By using the
intermediate CA i created user certificate.When in 802.1x wired EAP-TLS
authentication , from the client side i was providing the certificate
certified by the intermediate CA.I copied rootCA and Intermediate CA to
/etc/raddb/certs.in that case it is not checking for certificate chain
deapth. IT is giving error 22 and unknown CA.please can any body help me .
-- 
View this message in context: 
http://www.nabble.com/intermediate-CA-authentication-failing-tf4433620.html#a12648775
Sent from the FreeRadius - User mailing list archive at Nabble.com.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html