Re: LDAP check attributes

2006-05-22 Thread Antonio Matera
Ok, thanks... I'm searching for a solution ;-)
bye
antonio

on 22/05/2006 20.11 Alan DeKok said the following:
> Antonio Matera <[EMAIL PROTECTED]> wrote:
> > I haven't an EAP-Type entry and I don't understand where freeradius finds this attribute
>
> Neither do I. But the message isn't produced

Re: LDAP check attributes

2006-05-22 Thread Alan DeKok
Antonio Matera <[EMAIL PROTECTED]> wrote:
> I haven't an EAP-Type entry and I don't understand where freeradius
> finds this attribute

Neither do I. But the message isn't produced in the default configuration, even when LDAP is enabled. It's something you've changed in your configuration.

Re: LDAP check attributes

2006-05-22 Thread Antonio Matera
Hallo, thanks for your answers.

It's not in the conf files. Read the debug output. It's in LDAP.

Ok, the problem in the log file is this:
> rlm_ldap: ldap_get_conn: Checking Id: 0
> rlm_ldap: ldap_get_conn: Got Id: 0
> rlm_ldap: performing search in dc=create-net,dc=org, with filter (

Re: LDAP check attributes

2006-05-19 Thread Alan DeKok
Antonio Matera <[EMAIL PROTECTED]> wrote:
> The problem is that I haven't set an EAP-Type in my configuration.

That's not what the debug output says.

> Can it be an "automatic" configuration of PEAP?

No.

> In my conf files I haven't an EAP-Type entry.

It's not in the conf files. R

Re: LDAP check attributes

2006-05-19 Thread Antonio Matera
Hi! thanks for the answer. The problem is that I haven't set an EAP-Type in my configuration. Can it be an "automatic" configuration of PEAP? In my conf files I haven't an EAP-Type entry.
Bye
Antonio

on 18/05/2006 18.41 Alan DeKok said the following:
> Antonio Matera <[EMAIL PROTECTED]> wrote

Re: LDAP check attributes

2006-05-18 Thread Alan DeKok
Antonio Matera <[EMAIL PROTECTED]> wrote:
> Invalid operator for item EAP-Type: reverting to '=='
> rlm_ldap: Pairs do not match. Rejecting user.
> rlm_ldap: ldap_release_conn: Release Id: 0
> modcall[authorize]: module "ldap" returns reject for request 5

Why do you have EAP-Type in your LDAP co

Re: LDAP check attributes

2006-05-18 Thread Antonio Matera
Hi, I write better my error in my log, the problem I suppose that is these lines:

Invalid operator for item EAP-Type: reverting to '=='
rlm_ldap: Pairs do not match. Rejecting user.
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns reject for request 5

Her

Re: LDAP check attributes

2006-05-17 Thread Antonio Matera
Hallo, I do some tests on my freeradius. If I set "compare_check_items = yes" the PEAP session fails and I receive this log:

rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TVL response.
rlm_eap_peap: Tunneled data is valid.
rlm_eap_peap: Had sent TL

Re: LDAP check attributes

2006-05-17 Thread ludovic cailleau
Yes, your explanation is clear. But I think that you must assign a default vlan to each user. Because the filter of ldap module is the same for each request and for your example the filter works for ‘test2’ but for ‘test3’ the Cisco-AVpair attribute is empty and it’s normal if it doesn’t work.

Re: LDAP check attributes

2006-05-17 Thread Antonio Matera
My Ldap base contains attributes SSID for each user. Because my NAS sends its vendor-specific containing the SSID where wants to connect the users. And at each request for authentication, the module authorize (radiusd.conf) call Ldap (with the filter) to compare the `uid' and `SSID'. If

Re: LDAP check attributes

2006-05-17 Thread ludovic cailleau
Ok, I wasn't clear.

The solution that I gave you does not use the replyItem Tunnel-Medium-Type, Tunnel-Private-Group-Id, Tunnel-Type.

My Ldap base contains attributes SSID for each user. Because my NAS sends its vendor-specific containing the SSID where wants to connect the use

Re: LDAP check attributes

2006-05-17 Thread Antonio Matera
Hi, thanks a lot for your answer. Your solution works fine but I don't understand some things: 1 - If I insert the Cisco-AVPair in the filter and I haven't this attribute in my ldap user, I can't authenticate it. Is it possible to check the ssid only if it is in the list of the ldap user attrib

Re: LDAP check attributes

2006-05-17 Thread ludovic cailleau
Hi

filter = "(&(uid=%{Stripped-User-Name:-%{User-Name}})(radiusCiscoAVpair=%{Cisco-AVPair}))"

regards

Antonio Matera <[EMAIL PROTECTED]> wrote:
> Hi, thanks for the answer. I forgot my filter line in ldap module:
> filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
> How I have to insert in th

Re: LDAP check attributes

2006-05-16 Thread Antonio Matera
Hi, thanks for the answer. I forgot my filter line in ldap module:

filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"

How I have to insert in this string to add the ssid check? Where I insert the Cisco-AVPair check?
Thanks, bye
Antonio

on 16/05/2006 14.06 ludovic cailleau said the follow

Re: LDAP check attributes

2006-05-16 Thread ludovic cailleau
Antonio Matera <[EMAIL PROTECTED]> wrote:
>
> ldap {
>   server = "localhost"
>   basedn = "dc=create-net,dc=org"
>   password_attribute = userPassword
>   start_tls = no
>   ldap_connections_number = 5
> }
>

You must use filter in Ldap module if you want check SSID. You’ll make filter with uid and Cisco-AV

Re: LDAP check attributes

2006-05-16 Thread Antonio Matera
Anyone can help me?
Thanks, bye
Antonio

on 15/05/2006 11.06 Antonio Matera said the following:
> Hallo, I have a problem with the LDAP attributes. I want set an ssid check in my radius authentication. If I do it with the user file all works fine. Now I want to insert this attribute in the ldap sc

LDAP check attributes

2006-05-15 Thread Antonio Matera
Hallo, I have a problem with the LDAP attributes. I want set an ssid check in my radius authentication. If I do it with the user file all works fine. Now I want to insert this attribute in the ldap schema. I have inserted a new attribute radiusCisco-AVpair in my schema with value ssid=VLAN3 and i