Greetings.
I have a problem with freeradius using ldap to auth, here are my system
specs:
Centos 6 64bit
freeradius installed from repo
rpm -qa | grep -i freeradius
freeradius-ldap-2.1.12-4.el6_3.x86_64
freeradius-2.1.12-4.el6_3.x86_64
freeradius-utils-2.1.12-4.el6_3.x86_64
ldap already up
On 1 Jul 2013, at 12:27, Horatiu Nimigean horatiu.nimig...@ddnet.ro wrote:
Greetings.
I have a problem with freeradius using ldap to auth, here are my system specs:
Centos 6 64bit
freeradius installed from repo
rpm -qa | grep -i freeradius
freeradius-ldap-2.1.12-4.el6_3.x86_64
Hi,
and this is the output from radius (ran as radiusd -X)
http://pastebin.com/MT0txW2c
please post to the list - avoids more work at this end.
the output shows this:
Found Auth-Type = LDAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group LDAP {...}
[ldap] login
HI Paulo,
Thanks for u reply, see below my authenticate and authorize session.
authorize {
preprocess
mschap
ldap
}
authenticate {
Auth-Type LDAP {
ldap
}
Auth-Type MS-CHAP {
mschap
}
}
2010/11/23 Paulo Maia
What auth method u're trying to use ?
EAP/PEAP ?
Regards ,
On Wed, Nov 24, 2010 at 7:52 AM, Old Eduardo oldedua...@gmail.com wrote:
HI Paulo,
Thanks for u reply, see below my authenticate and authorize session.
authorize {
preprocess
mschap
ldap
}
where i define this? eap.conf?
sorry, newbie with freeradius.
2010/11/24 Paulo Maia phc.m...@gmail.com
What auth method u're trying to use ?
EAP/PEAP ?
Regards ,
On Wed, Nov 24, 2010 at 7:52 AM, Old Eduardo oldedua...@gmail.com wrote:
HI Paulo,
Thanks for u reply, see below my
ok i found this.
sites-enabled/default
eap auth mode.
2010/11/24 Paulo Maia phc.m...@gmail.com
What auth method u're trying to use ?
EAP/PEAP ?
Regards ,
On Wed, Nov 24, 2010 at 7:52 AM, Old Eduardo oldedua...@gmail.com wrote:
HI Paulo,
Thanks for u reply, see below my authenticate
yes . but i have to include in your authorize and authenticate sessions .
What kind of auth ure trying to get ?
Regards ,
On Wed, Nov 24, 2010 at 8:43 AM, Old Eduardo oldedua...@gmail.com wrote:
where i define this? eap.conf?
sorry, newbie with freeradius.
2010/11/24 Paulo Maia
It works ?
On Wed, Nov 24, 2010 at 8:47 AM, Old Eduardo oldedua...@gmail.com wrote:
ok i found this.
sites-enabled/default
eap auth mode.
2010/11/24 Paulo Maia phc.m...@gmail.com
What auth method u're trying to use ?
EAP/PEAP ?
Regards ,
On Wed, Nov 24, 2010 at 7:52 AM, Old
I read in many sites, for get ldap auth need mschap, its true?
i try mschap.
2010/11/24 Paulo Maia phc.m...@gmail.com
yes . but i have to include in your authorize and authenticate sessions .
What kind of auth ure trying to get ?
Regards ,
On Wed, Nov 24, 2010 at 8:43 AM, Old Eduardo
no :(
in debug only appears auth type Local
see:
Wed Nov 24 08:30:54 2010 : Debug: +- entering group authorize
Wed Nov 24 08:30:54 2010 : Debug: modsingle[authorize]: calling preprocess
(rlm_preprocess) for request 0
Wed Nov 24 08:30:54 2010 : Debug: modsingle[authorize]: returned from
Do u have NT e LM passowrd attributes in ur LDAP database ? coz if u do u
could try to use EAP/PEAP .
Its easier for windows clients .
Regards ,
On Wed, Nov 24, 2010 at 9:26 AM, Old Eduardo oldedua...@gmail.com wrote:
I read in many sites, for get ldap auth need mschap, its true?
i try
comment everything the users file .
Brasileiro mano ?
On Wed, Nov 24, 2010 at 9:31 AM, Old Eduardo oldedua...@gmail.com wrote:
no :(
in debug only appears auth type Local
see:
Wed Nov 24 08:30:54 2010 : Debug: +- entering group authorize
Wed Nov 24 08:30:54 2010 : Debug:
Old Eduardo wrote:
no :(
in debug only appears auth type Local
Stop wasting your time.
You have NOT configured the server correctly, and you have NOT
followed instructions on this list.
see:
Wed Nov 24 08:30:54 2010 : Debug: +- entering group authorize
You've used radiusd -Xx. The
yes i have.
2010/11/24 Paulo Maia phc.m...@gmail.com
Do u have NT e LM passowrd attributes in ur LDAP database ? coz if u do u
could try to use EAP/PEAP .
Its easier for windows clients .
Regards ,
On Wed, Nov 24, 2010 at 9:26 AM, Old Eduardo oldedua...@gmail.com wrote:
I read in many
Paulo Maia wrote:
comment everything the users file .
Wrong answers make life difficult for everyone.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Opa e ae blz?
Vou fazer isso amanha, te mandei para teu email todo o diretorio do
freeradius para voce dar uma olhada nos confs, estou ha 3 semanas tentando
fazer essa implementacao e nao consigo cara.
amanha de manha vou la tentar denovo.
obrigado pela forca.
2010/11/24 Paulo Maia
Sorry list,
but i try to configure this in few weeks and no get sucess.
Realy need help for list.
im try to all sites in google, but no get sucess.
i try this:
http://blog.yufeng.net/index.php/2010/07/debian-poptop-freeradius-openldap/
http://wiki.freeradius.org/Rlm_ldap
Old Eduardo wrote:
but i try to configure this in few weeks and no get sucess.
Ask questions earlier.
Or, read the debug output.
Tue Nov 23 07:37:24 2010 : Debug: WARNING: Unprintable characters in
the password.Double-check the shared secret on the server and the NAS!
That
sorry alan, i understand need to read debug.
But, i see secret in clients and my test radtest user pass ip 0 secret is
corretly.
And my other doubt is in auth type = Local, why local if i put auth type
LDAP in configuration? Only get local ...
Realy sorry for this, but need u help.
Regards,
Show us your authorize and authenticate session . I had a problem like that
once
Regards ,
On Tue, Nov 23, 2010 at 9:49 AM, Old Eduardo oldedua...@gmail.com wrote:
sorry alan, i understand need to read debug.
But, i see secret in clients and my test radtest user pass ip 0 secret is
Old Eduardo wrote:
sorry alan, i understand need to read debug.
But, i see secret in clients and my test radtest user pass ip 0 secret
is corretly.
That uses a *different* secret, as the packet is coming from a
different IP address.
i.e. you can either fix the secret as suggested by
-feira, 28 de Janeiro de 2010 20:24
Para: FreeRadius users mailing list
Assunto: Re: freeRadius LDAP auth using WPA-EAP on 802.11
José Campos wrote:
I have my AP configure to use WPA-EAP and pointing to my radius server.
[eap] processing type md5
You can't use EAP-MD5 for wireless
José Campos wrote:
What do you sugest. Diable md5 on eap or not using eap?
Use an EAP method that works with an AP: PEAP, TTLS, ...
Sorry, I'm not very familiar with this subject.
Can't I still use WPA-EAP on my AP?
Yes... there are millions of people using that.
@lists.freeradius.org]
Em nome de Alan DeKok
Enviada: sexta-feira, 29 de Janeiro de 2010 11:51
Para: FreeRadius users mailing list
Assunto: Re: freeRadius LDAP auth using WPA-EAP on 802.11
José Campos wrote:
What do you sugest. Diable md5 on eap or not using eap?
Use an EAP method
José Campos wrote:
I have my AP configure to use WPA-EAP and pointing to my radius server.
[eap] processing type md5
You can't use EAP-MD5 for wireless.
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 192.168.70.70 port 1026
26 matches
Mail list logo