On 03/30/2012 05:46 PM, Stefan Winter wrote:
Please don't write private mail to me with FreeRADIUS questions.
Forwarding to freeradius-users.
Original Message
Subject: ldap-radius integration
Date: Fri, 30 Mar 2012 12:35:53 -0700
From: exu...@gmail.c
>
> could you give me some refrence material or the steps involved in integrating
> radius and ldap?
> Iam stuck with the error
> [ldap] bind as
> cn=Manager,ou=radius,dc=example,dc=com/{SSHA}N0HDoA07iBXb/qW6JmhxnkUeTkVex1mN
> to 127.0.0.1:389
> [ldap] waiting for bind result ...
> [ldap] L
Please don't write private mail to me with FreeRADIUS questions.
Forwarding to freeradius-users.
Original Message
Subject: ldap-radius integration
Date: Fri, 30 Mar 2012 12:35:53 -0700
From: exu...@gmail.com
To: stefan.win...@restena.lu
could you give me
Tom Leach wrote:
> Grr, off on a goose chase. Problem isn't in rlm_pap.c, but rlm_ldap.c.
> rlm_ldap only likes the Cleartext-Password and User-Password
> attributes.
Yes... the message you posted clearly shows it's output from the LDAP
mdoule.
> Would it be a bad thing to patch rlm_ldap.c t
ms in directory...
WARNING: No "known good" password was found in LDAP. Are you sure that
the user is configured correctly?
[ldap-server1] user testuser authorized to use remote access
Date: Tue, 27 Jul 2010 09:00:23 +0200
From: Alan DeKok
Subject: Re: Another LDAP/RADIUS integratio
Tom Leach wrote:
> Alan, I changed the ldap.attrmap file from "checkItem Crypt-Password
> userPassword" to "checkItem User-Password userPassword" and it's
> authenticating now, but I now have a new message in the debug output and
> I'm not sure if it's a problem, suggestion, or otherwise.
It's a
timelimit = 3
tls_mode = no
start_tls = yes
tls_require_cert = "allow"
tls {
start_tls = yes
cacertdir = "/etc/pki/tls/certs/"
require_cert = "demand"
}
basedn = "ou=People,o=mydomain"
John Dennis wrote:
> Just from looking at the rlm_ldap code (not actual testing) I thought if
> auto_header was set to True in the ldap config then rlm_ldap after
> looking up the configured password attribute would perform the steps you
> describe above. (strip the hash prefix and add a new attrib
On 07/23/2010 02:59 PM, Alan DeKok wrote:
Tom Leach wrote:
To correct the bind problem, I added an ACL to the directory to allow
'uid=admin,o=radtree' to access the userPassword attribute, then
configured the ldap module to use 'uid=admin,o=radtree' as the identity
and 'secret' as the password.
Tom Leach wrote:
> To correct the bind problem, I added an ACL to the directory to allow
> 'uid=admin,o=radtree' to access the userPassword attribute, then
> configured the ldap module to use 'uid=admin,o=radtree' as the identity
> and 'secret' as the password. Now the bind succeeds, the -X output
yes
cacertdir = "/etc/pki/tls/certs/"
require_cert = "demand"
}
basedn = "ou=People,o=mydomain"
filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
base_filter = "(objectclass=radiusprofile)"
pas
Basant Agarwal wrote:
> Hello,
> I am trying to authenticate wifi users for wireless network ... for
> this i am using freeradius with ldap...
> When we run radtest on localhost, it is able to get authorised and
> authenticated .. it works fine but when i try from laptop(windows ) then
> it rejec
...
> --- Walking the entire request list ---
> Waking up in 1 seconds...
> --- Walking the entire request list ---
> Sending Access-Reject of id 0 to 172.16.1.80 <http://172.16.1.80/>port
> 1122
> Waking up in 4 seconds...
> --- Walking the entire request list ---
> Cleaning up request 0 ID 0 with timestamp 46b1b8cb
> Nothing to do. Sleeping until we see a request.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
--
View this message in context:
http://www.nabble.com/user-Password-required-for-ldap-radius-tp22861643p22861786.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello, I am trying to authenticate wifi users for wireless network ... for
this i am using freeradius with ldap...
When we run radtest on localhost, it is able to get authorised and
authenticated .. it works fine but when i try from laptop(windows ) then it
rejects the same user...
please let me
amir shrestha wrote:
> I have configured freeradius with ldap backed as given in
> http://freeradius.org/radiusd/doc/ldap_howto.txt.
>
> The user get authorized but the authentication failed.
...
> rlm_ldap: bind as uid=abc,ou=users,ou=radius,dc=whitehouse,dc=edu/12345
> to x.x.x.x:389
> rlm_ldap:
Dear all,
I have configured freeradius with ldap backed as given in
http://freeradius.org/radiusd/doc/ldap_howto.txt.
The user get authorized but the authentication failed.
The detail output is here:
Ready to process requests.
rad_recv: Access-Request packet from host a.b.c.d:3272, id=0, leng
ttributes in
> the response depending on the authentication client.
Do it in two steps. Map the AuthorisedService LDAP attribute to a
RADIUS attribute (invent a local one, see the dictionary docs), and then
depending on the NAS, map that to another attribute.
The reason for doing it this
I have an environment where I am already using LDAP for AAA for a
number of things.
We have historically used the AuthorizedService attribute in LDAP to
control the level
of access available to the user. We would like to continue to do
so. However, in order
for that to work, I need to map
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
Jag är bortrest några dagar och kan inte kontrollera min mail, återkom efter
den 24/4 eller kontakta kontoret på [EMAIL PROTECTED] eller +46-612-717780
Im out of office until April 24, contact office: [EMAIL PROTECTED] or
+46-612-717780
-
List info/subscribe/unsubscribe? See http://www.freeradi
No help for me?I'm desperate I've lost 3 nights now :D
I already have my own certs.
Best Regards
João Mamede
Hi I've been trying to set up my freeradius with my ldap database(all users to
authenticate) and I can't authenticate my wireless machines using my AP with
EAP.
all my config
Hi I've been trying to set up my freeradius with my ldap database(all users to
authenticate) and I can't authenticate my wireless machines using my AP with
EAP.
all my config files can be found at http://nebioq.ath.cx:85/radius.tar.bz2 and
my radiusd -X -A in http://nebioq.ath.cx:85/radiuslog.tx
Running Freeradius on fedora core 4
When I use Radiusd -X I can authenticate via the ldap server I have
running..
But when I start radius normally "service radiusd start" it starts but the
error log says It can't talk to
The ldap server..
Ideas?
Why would it working in debug but not normally
Hi,
Il giorno gio, 05-05-2005 alle 16:03 +0200, Seferovic Edvin ha scritto:
> check out the ldapattr.map file ( I think its called like that ). There you
> will find which attributes are mapped to some attributes in LDAP. You will
> find User-Password attribute mapped to Password I think. You can
Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tiziano
Sent: Donnerstag, 05. Mai 2005 15:55
To: freeradius-users@lists.freeradius.org
Subject: Re: digest+ldap+radius
Il giorno gio, 05-05-2005 alle 15:09 +0300, Kostas Kalevras ha scritto:
> > Thu May 5 12:05:21 2005
Il giorno gio, 05-05-2005 alle 15:09 +0300, Kostas Kalevras ha scritto:
> > Thu May 5 12:05:21 2005 : Auth: Login incorrect: [EMAIL PROTECTED]/ > User-Password attribute>] (from client localhost port 5060)
> > (in the meanwhile i see ldap looking at User-Password attribute of
> > [EMAIL PROTECTED]
On Thu, 5 May 2005, Tiziano wrote:
Hi all
I'm trying to authenticate sip server with radius and ldap backend.
SIP uses digest authentication, i've mede it to work without problems i
i put an user directrly in /etc/freeradius/users:
[EMAIL PROTECTED] Auth-Type := Digest, User-Password == "1000"
Hi all
I'm trying to authenticate sip server with radius and ldap backend.
SIP uses digest authentication, i've mede it to work without problems i
i put an user directrly in /etc/freeradius/users:
[EMAIL PROTECTED] Auth-Type := Digest, User-Password == "1000"
Reply-Message = "Authenticated"
i
> Does someone have a good howto on setting up Radius to make use of an LDAP
> group. I read the ldap docs at freeradius.org and that seemed like
> overkill I just want to have a group and put the user in the group to give
> them access?
>
>
Say you have two groups, one that has access to dial an
Douglas Sterner <[EMAIL PROTECTED]> wrote:
> Does someone have a good howto on setting up Radius to make use of an LDAP
> group. I read the ldap docs at freeradius.org and that seemed like
> overkill I just want to have a group and put the user in the group to give
> them access?
The document
Does someone have a good howto on setting
up Radius to make use of an LDAP group. I read the ldap docs at freeradius.org
and that seemed like overkill I just want to have a group and put the user
in the group to give them access?
Douglas Sterner
Hello list,
I'm new to freeradius, and I'd like to know if a construction like this
is possible with freeradius:
+--+ +-+
| [EMAIL PROTECTED] |--+ +--+ RADIUS1 |
+--+ | | +-+
| |
+---
45 matches
Mail list logo