Thanks, Issue has been resolved.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Freeradius-Ldap-mosule-is-authenticating-with-wrong-password-also-tp4623550p4634082.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List
Thanks, Issue has been resolved.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Freeradius-Ldap-mosule-is-authenticating-with-wrong-password-also-tp4623550p4634084.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List
Please find below the configuration and logs :-
##
/etc/raddb/users
##
DEFAULT LDAP-Group == CiscoRWL2Lr, Auth-Type := Accept
Reply-Message = Welcome! You have administrative access.,
Hi,
I have configured freeradius with LDAP authetication with my windows 2008
active directory. Two condition should met to authenticate the user 1.) User
password should match 2.) user should be member of cisco group.
Freeradius is cheking second condition only and if user enter wrong or blank
Yes, I want to send other attributes back for access to the terminal via
RADIUS i.e. user should get access to cisco device and get privilege level
15 or 1. The /etc/raddb/users entry is as following :-
DEFAULT LDAP-Group == CiscoAdminLr
Service-Type = NAS-Prompt-User,
I have started Radius with radiusd -X
After entering user name and password in cisco device it is giving %
Authorization failed. immediatley.
The logs are as following. I don't know is it stripping cisco-avpair before
the RADIUS accept packet are sent to device. How to check the same ?
Got it, Actually I was givining wrong parameter in /etc/raddb/modules/ldap
Changed the parameter as following, now it is working fine.
groupmembership_attribute = memberOf
Thanks for your support.
Vijay.
--
View this message in context:
Hi,
I am new user and using Freeradius first time. I have followed
http://www.perkinsblog.net/blog/index.php/2010/02/freeradius-and-windows-ad/
I want to authenticate freeradius with my active directory. I want to assign
Prev level 15 to Active directory user who are member of group CiscoAdmin
I have changed from %Ldap-UserDN to %{Ldap-UserDN} but still not able to
login from my cisco switch.
The logs are as following :-
rad_recv: Access-Request packet from host 172.17.3.210 port 1645, id=184,
length=82
NAS-IP-Address = 172.17.3.210
NAS-Port = 1
NAS-Port-Type =
9 matches
Mail list logo