http://wiki.freeradius.org/index.php/FreeRADIUS_Wiki:FAQ#It_says_.22Could_not_link_..._file_not_found.22.2C_what_do_I_do.3F
Ivan Kalik
Kalik Informatika ISP
Dana 27/3/2008, "antoine vallée" <[EMAIL PROTECTED]> piše:
>
>Hi,
>
>I'm trying to to dynamic vlans assignment with freeradius (eap-md5 a
I searched throught the threads and found this thread exactly matching to my
error I am getting. I am getting following error while debugging freeradius
for using LDAP:
/usr/local/etc/raddb/modules/ldap[29]: Failed to link to module 'rlm_ldap':
file not found
/usr/local/etc/raddb/sites-enabled/inn
suggestme wrote:
> I searched throught the threads and found this thread exactly matching to my
> error I am getting. I am getting following error while debugging freeradius
> for using LDAP:
>
> /usr/local/etc/raddb/modules/ldap[29]: Failed to link to module 'rlm_ldap':
> file not found
And th
Alan,
I tried the 3 steps that is suggested in FAQ, that isn't working. Also, As
suggested in 3rd (b) step; I found the 'radiusd.conf' file inside
/usr/local/etc/raddb/radiusd.conf. Inside radiusd.conf file it is suggesting
to do :
To work around the problem, find out which library contains that
suggestme wrote:
> I tried the 3 steps that is suggested in FAQ, that isn't working.
The steps in the FAQ assume that you built the server yourself from
source. Did you?
They also assume (step 1), that you read the output. That will tell
you whether or not the required LDAP libraries and he
Alan,
The LDAP server was already configred in other machine by System
Administrator. I am trying to link FreeRadius to that existing and already
running LDAP server and authenticate the users using already configured
attribute. I didn't download LDAP on this machine where FreeRadius is
running.
You say the LDAP server is on another serverbut your config says its on
localhost. One of these statements isn't correct . As per five, send radius -X
to the list, not just little snippets of what you feel like sending...
alan
--
Message may be brief as it has been sent from my mobile
-
Li
On 11/09/2011 01:40 PM, suggestme wrote:
The LDAP server was already configred in other machine by System
Administrator. I am trying to link FreeRadius to that existing and already
running LDAP server and authenticate the users using already configured
attribute. I didn't download LDAP on this ma
Alan,
*Sorry for the confusion I made. I have put the name of LDAP server
accordingly , not the localhost. Just for privacy I didn't put here.*
Here is the output of radiusd -X command:
# radiusd -X
FreeRADIUS Version 2.1.10, for host i386-portbld-freebsd8.2, built on Oct 21
2011 at 11:26:0
suggestme wrote:
> *Sorry for the confusion I made. I have put the name of LDAP server
> accordingly , not the localhost. Just for privacy I didn't put here.*
>
> Here is the output of radiusd -X command:
Which is the same error.
Your problem is simple. We are trying to help you, and you ar
Hi,
> *Sorry for the confusion I made. I have put the name of LDAP server
> accordingly , not the localhost. Just for privacy I didn't put here.*
okay
> Here is the output of radiusd -X command:
and there. bingo.
> libdir = "/usr/local/lib/freeradius-2.1.10"
urgh. why? really...wh
Alan DeKok wrote too quickly:
> But you need to posting the same question. If you do, you can be
> unsubscribed.
You need to *stop* posting the same question.
I think I might set up a bot to monitor the list. The same question 3
times from someone results in them being unsubscribed.
Al
ntion is not to trouble by sending the same post. I just want suggestion
from this group.
Again, Sorry if my questions troubled you guys.
Thanks
Date: Wed, 9 Nov 2011 12:19:15 -0800
From: ml-node+s1045715n4978982...@n5.nabble.com
To: samanaupadh...@hotmail.com
Subject: Re: ldap+freerad
guys.
>
> Thanks
>
>
> Date: Wed, 9 Nov 2011 12:19:15 -0800
> From: [hidden email]
> To: [hidden email]
> Subject: Re: ldap+freeradius
>
> Alan DeKok wrote too quickly:
>> But you need to posting the same question. If you d
18:06:16 -0800
From: ml-node+s1045715n4979784...@n5.nabble.com
To: samanaupadh...@hotmail.com
Subject: Re: ldap+freeradius
Hi,
> *Sorry for the confusion I made. I have put the name of LDAP server
> accordingly , not the localhost. Just for privacy I didn't put here.*
okay
Hi,
>I configured FreeRadius for Authentication with Active Directory by
>following the steps as suggested by Alan's deployingradius.com. Everything
>is working successfully like Samba, Kerberos, ntlm_auth configuration, I
>can successfully join the domain as an administrator and a
David N'DAKPAZE wrote:
> Hello,
> Please I 'd to know how to use an ldap as a database of freeradius. I
> use freeradius-server-2.1.3. Is it possible to use more than one nas in
> clients.conf ? If yes how to do it?
Read the examples in clients.conf? There is lots of documentation.
> How to co
Please it seems that ldap works only with pap.Is it true? tell me how to
configure many clients (nas) in clients.conf
2009/3/23, Alan DeKok :
>
> David N'DAKPAZE wrote:
> > Hello,
> > Please I 'd to know how to use an ldap as a database of freeradius. I
> > use freeradius-server-2.1.3. Is it possi
Am Dienstag, 24. März 2009 09:33:51 schrieb David N'DAKPAZE:
> Please it seems that ldap works only with pap.Is it true? tell me how to
> configure many clients (nas) in clients.conf
Gamarjoobat,
See the protocol and authentication server compatibility charts for more info.
http://deployingradius
My problem is that i have define 2 clients but radius works with only the
first nas. please see the output of the radtest:
Ignoring request to authentication address * port 1812 from unknown client
172.30.10.71 port 38509
Ready to process requests.
Ignoring request to authentication address * port
Am Dienstag, 24. März 2009 10:50:58 schrieb David N'DAKPAZE:
> My problem is that i have define 2 clients but radius works with only the
> first nas. please see the output of the radtest:
> Ignoring request to authentication address * port 1812 from unknown client
> 172.30.10.71 port 38509
> Ready
Post your clients.conf and startup output of radiusd -X (before you send
any requests).
Ivan Kalik
Kalik Informatika ISP
Dana 24/3/2009, "David N'DAKPAZE" piše:
>My problem is that i have define 2 clients but radius works with only the
>first nas. please see the output of the radtest:
>Ignoring
I've put it in; the output of radiusd -X is:
FreeRADIUS Version 2.1.3, for host i686-pc-linux-gnu, built on Mar 12 2009
at 17:24:19
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You ma
>I've put it in; the output of radiusd -X is:
>
..
> client GW-RADIUS {
>ipaddr = 172.30.3.121
>require_message_authenticator = no
>secret = "moov123"
>shortname = "GW-RADIUS"
>nastype = "cisco"
> }
> client 172.30.2.14 {
>ipaddr = 172.30.2.14
>
Am Dienstag, 24. März 2009 11:12:50 schrieb David N'DAKPAZE:
> client GW-RADIUS {
> ipaddr = 172.30.3.121
> require_message_authenticator = no
> secret = "moov123"
> shortname = "GW-RADIUS"
> nastype = "cisco"
> }
> client 172.30.2.14 {
> ipaddr = 1
The server doesn't see it but i've put it; i don't it ignores it
2009/3/24
> >I've put it in; the output of radiusd -X is:
> >
> ..
> > client GW-RADIUS {
> >ipaddr = 172.30.3.121
> >require_message_authenticator = no
> >secret = "moov123"
> >shortname = "GW-RADIU
>The server doesn't see it but i've put it; i don't it ignores it
>
Put it where? In the clients.conf file listed in the debug? Or in some
other clients.conf file server is not using!
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.htm
>I've add other clients in the client .conf but when i debug the server they
>don't appear in the output of radiusd -X. ii dont know why.
>
Because that is not the file server is using. Read the debug - it lists
which clients.conf file server is reading. Edit that one.
Ivan Kalik
Kalik Informatik
Excuse me, i know that it is that clients.conf the server is using because
when i modify a client which appears in the debug output the server
considers this changes and te debug output isn't the same
2009/3/24
> >I've add other clients in the client .conf but when i debug the server
> they
> >d
Post the debug *and* clients.conf. Mask the passwords this time.
Ivan Kalik
Kalik Informatika ISP
Dana 24/3/2009, "David N'DAKPAZE" piše:
>Excuse me, i know that it is that clients.conf the server is using because
>when i modify a client which appears in the debug output the server
>considers
Am Dienstag, 24. März 2009 12:21:06 schrieb David N'DAKPAZE:
> I've add other clients in the client .conf but when i debug the server they
> don't appear in the output of radiusd -X. ii dont know why.
radiusd knows the clients it displays during the debug output. Please recheck
your setup WHERE y
I've add other clients in the client .conf but when i debug the server they
don't appear in the output of radiusd -X. ii dont know why.
2009/3/24
> >The server doesn't see it but i've put it; i don't it ignores it
> >
>
> Put it where? In the clients.conf file listed in the debug? Or in some
> o
clients.conf:
# -*- text -*-
##
## clients.conf -- client configuration directives
##
## $Id$
###
#
# Define RADIUS clients (usually a NAS, Access Point, etc.).
#
# Defines a RADIUS client.
#
# '127.0.0.1' is another name
Le Tuesday 24 March 2009 12:33:40 David N'DAKPAZE, vous avez écrit :
> Excuse me, i know that it is that clients.conf the server is using because
> when i modify a client which appears in the debug output the server
> considers this changes and te debug output isn't the same
>
> 2009/3/24
>
> > >I
yes.
2009/3/24 Laurent Besson
> Le Tuesday 24 March 2009 12:33:40 David N'DAKPAZE, vous avez écrit :
> > Excuse me, i know that it is that clients.conf the server is using
> because
> > when i modify a client which appears in the debug output the server
> > considers this changes and te debug o
thank you, now it is ok
2009/3/24 David N'DAKPAZE
> yes.
>
> 2009/3/24 Laurent Besson
>
> Le Tuesday 24 March 2009 12:33:40 David N'DAKPAZE, vous avez écrit :
>> > Excuse me, i know that it is that clients.conf the server is using
>> because
>> > when i modify a client which appears in the deb
>Client RADIUS {
..
That should be:
client RADIUS {
..
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Am Dienstag, 24. März 2009 12:51:31 schrieb David N'DAKPAZE:
> clients.conf:
> Client RADIUS {
> ipaddr= 172.30.1.10
> # # secret and password are mapped through the "secrets" file.
> secret= xx
> shortname = RADIUS
> # # the following three fields a
I want to use crypt -passwords (pap) but Idon't know where to define it.
Only cleartext-passwords are accepted. Can somebody help me
2009/3/24
> >Client RADIUS {
> ..
>
> That should be:
>
> client RADIUS {
> ..
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See
Am 24.03.2009 um 18:00 schrieb David N'DAKPAZE:
I want to use crypt -passwords (pap) but Idon't know where to
define it. Only cleartext-passwords are accepted. Can somebody help me
PAP needs cleartext passwords (see http://en.wikipedia.org/wiki/
Password_authentication_protocol )
Have a n
>I want to use crypt -passwords (pap) but Idon't know where to define it.
>Only cleartext-passwords are accepted. Can somebody help me
>
For cypted passwords use attribute Crypt-Password:
Crypt-Password := "...
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.f
Please which protocol more secure can i use with ldap as database?
2009/3/24 Nicolas Goutte
>
> Am 24.03.2009 um 18:00 schrieb David N'DAKPAZE:
>
> I want to use crypt -passwords (pap) but Idon't know where to define it.
> Only cleartext-passwords are accepted. Can somebody help me
>
>
> PAP
Forget what I have written, see http://deployingradius.com/documents/
protocols/compatibility.html
Am 24.03.2009 um 18:05 schrieb Nicolas Goutte:
Am 24.03.2009 um 18:00 schrieb David N'DAKPAZE:
I want to use crypt -passwords (pap) but Idon't know where to
define it. Only cleartext-password
I've use it but the authentication have failed
SRV-RADIUS:/var/log# radtest steve testing localhost 1812 x
Sending Access-Request of id 151 to 127.0.0.1 port 1812
User-Name = "steve"
User-Password = "x"
NAS-IP-Address = 172.30.10.71
NAS-Port = 1812
rad_recv:
Am 24.03.2009 um 18:15 schrieb David N'DAKPAZE:
Please which protocol more secure can i use with ldap as database?
As I wrote in the email as answer to my email (and an URL I missed to
find the whole day as answer to your problems), see http://
deployingradius.com/documents/protocols/compa
I've seen it and there it is said that we can use crypt passwords but inmy
case i have an access-reject:
rad_recv: Access-Request packet from host 127.0.0.1 port 58647, id=108,
length=5 7
User-Name = "steve"
User-Password = "x"
David N'DAKPAZE wrote:
> I've seen it and there it is said that we can use crypt passwords but
> inmy case i have an access-reject:
...
> [pap] login attempt with password "testing"
> [pap] Using CRYPT encryption.
> [pap] Passwords don't match
That should be clear.
Alan DeKok.
-
List info/sub
Please why crypt-passwords don't work in ths case?
2009/3/24 Alan DeKok
> David N'DAKPAZE wrote:
> > I've seen it and there it is said that we can use crypt passwords but
> > inmy case i have an access-reject:
> ...
> > [pap] login attempt with password "testing"
> > [pap] Using CRYPT encryption
>From your log.
>> [pap] Passwords don't match
--
Philippe-Alexandre Lemelin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Am Dienstag, 24. März 2009 18:15:26 schrieb David N'DAKPAZE:
> Please which protocol more secure can i use with ldap as database?
the answer to this question was in one of my first replies to your mail.
AGAIN! See:
http://deployingradius.com/documents/protocols/compatibility.html
http://deployingr
>Please why crypt-passwords don't work in ths case?
>
It has nothing to do with crypt. Password you have entered to log in and
password that is stored in users file are not the same.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please how must Iconfigure ldap for authentication?
2009/3/24
> >Please why crypt-passwords don't work in ths case?
> >
>
> It has nothing to do with crypt. Password you have entered to log in and
> password that is stored in users file are not the same.
>
> Ivan Kalik
> Kalik Informatika ISP
Read doc/rlm_ldap.
Ivan Kalik
Kalik Informatika ISP
Dana 25/3/2009, "David N'DAKPAZE" piše:
>please how must Iconfigure ldap for authentication?
>
>
>
>2009/3/24
>
>> >Please why crypt-passwords don't work in ths case?
>> >
>>
>> It has nothing to do with crypt. Password you have entered to l
I've read it but it is not very clear for me.
2009/3/25
> Read doc/rlm_ldap.
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
> Dana 25/3/2009, "David N'DAKPAZE" piše:
>
> >please how must Iconfigure ldap for authentication?
> >
> >
> >
> >2009/3/24
> >
> >> >Please why crypt-passwords don't work in
Me I have a database already (ldap) and i want to synchronize it with
freeradius.
2009/3/25 David N'DAKPAZE
> I've read it but it is not very clear for me.
>
> 2009/3/25
>
> Read doc/rlm_ldap.
>>
>> Ivan Kalik
>> Kalik Informatika ISP
>>
>>
>> Dana 25/3/2009, "David N'DAKPAZE" piše:
>>
>> >ple
So what is unclear in the configuration file?
Ivan Kalik
Kalik Informatika ISP
Dana 25/3/2009, "David N'DAKPAZE" piše:
>Me I have a database already (ldap) and i want to synchronize it with
>freeradius.
>
>2009/3/25 David N'DAKPAZE
>
>> I've read it but it is not very clear for me.
>>
>> 2009
It is the file i must configure or the ldap file which is in
/raddb/modules/ldap
2009/3/25
> So what is unclear in the configuration file?
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
> Dana 25/3/2009, "David N'DAKPAZE" piše:
>
> >Me I have a database already (ldap) and i want to synchronize it
>It is the file i must configure or the ldap file which is in
>/raddb/modules/ldap
>
raddb/modules/ldap is ldap module configuration file.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>Please, I want to know which relation exist between /modules/ldap and
>rlm_ldap.
>What is the meaning of theses lines of the file /modules/ldap:
>
>#identity = "cn=admin,o=My Org,c=UA"
>#password = mypass
>basedn = "o=My Org,c=UA"
>filter = "(uid=%{Stripped-User-Name:-%{Use
I've configured Freeradius to use LDAP but when debug it I have This:
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.con
>I've configured Freeradius to use LDAP but when debug it I have This:
>
..
>/usr/local/etc/raddb/modules/ldap[29]: Failed to link to module
>'rlm_ldap': rlm_ ldap.so:
>cannot open shared object file: No such file or directory
If you installed from the s
Please, I want to know which relation exist between /modules/ldap and
rlm_ldap.
What is the meaning of theses lines of the file /modules/ldap:
#identity = "cn=admin,o=My Org,c=UA"
#password = mypass
basedn = "o=My Org,c=UA"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}}
please in the FAQ the error is about Mysql. I don't see what I must
change in my configuration.
2009/3/30, t...@kalik.net :
>>I've configured Freeradius to use LDAP but when debug it I have This:
>>
> ..
>>/usr/local/etc/raddb/modules/ldap[29]: Failed to link to module
>>'rlm_ldap': rlm_
>please in the FAQ the error is about Mysql.
Same applies to ldap.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I've done whath is said in the FAQ and now I have this problem:
radiusd: Instantiating modules
instantiate {
/usr/local/etc/raddb/modules/exec[24]: Failed to link to module
'rlm_exec': rlm_exec.a: cannot open shared object file: No such file
or directory
Errors initializing modules
20
>I've done whath is said in the FAQ and now I have this problem:
>
>radiusd: Instantiating modules
> instantiate {
>/usr/local/etc/raddb/modules/exec[24]: Failed to link to module
>'rlm_exec': rlm_exec.a: cannot open shared object file: No such file
>or directory
>Errors initializing modu
I am re-intalling freeradius and when I run make after ./configure
--disable-shared I have this:
...
/usr/bin/ld: attempted static link of dynamic object `/usr/lib/libltdl.so'
collect2: ld returned 1 exit status
rm -f .libs/radiusdS.o
make[4]: *** [radiusd] Error 1
make[4]: Leaving directory `/tmp/
>I am re-intalling freeradius and when I run make after ./configure
>--disable-shared
Why resort to such desperate measures? Find the libraries and add the
path to your linker.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
David N'DAKPAZE wrote:
I am re-intalling freeradius and when I run make after ./configure
--disable-shared I have this:
Don't make matters worse by trying to defeat loadable modules. Go back
and figure out why the loader can't find the modules. A good place to
start is looking to see what libdi
Please now i have a new problem; i use an Active Directory database and when
i do a radtest, it is always access-reject like this:
rad_recv: Access-Request packet from host 172.41.10.71 port 42678, id=153,
length=61
User-Name = "azerty5"
User-Password = "x"
NAS-IP-A
>Please now i have a new problem; i use an Active Directory database and when
>i do a radtest, it is always access-reject like this:
http://deployingradius.com/documents/configuration/active_directory.html
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freerad
On Thu, 1 Apr 2004, Murtuza wrote:
> Hi,
>
> We are using ldap for authentication & following are the ldap attributes.
>
> uid=username.domainname.com, ou=dialup, o=xxx
> objectclass=top
> objectclass=person
> objectclass=radiusprofile
> uid=username.domainname.com
> mail=username.domainname.com
>
fernando@gmail.com wrote:
> *now i've a problem, and this is making me crazy!*
> *i change the /module/LDAP and now i can authenticate using plaintext or
> when i use the passwordwith {crypt}*
>
> *but when i try to use {md5} this dont work!*
You edited the configuration file and broke it.
sorry man, u didnt help.
i tryed 1000 things and this actual configurations is the best i can make.
why instead so be rude with me dont try to realy help me? like send me you
default file or the orthers file to config?
i dindt do anything without to fallow guides on internet. im trying to
learn ho
fernando@gmail.com wrote:
> sorry man, u didnt help.
I don't see why.
> i tryed 1000 things and this actual configurations is the best i can make.
Nonsense.
> why instead so be rude with me dont try to realy help me? like send me
> you default file or the orthers file to config?
Beca
On 14 Mar 2013, at 22:52, fernando@gmail.com wrote:
> Ok man,
> keep dont help too much, ill try again,
> the documentation dont helped before and i guess this will not help again...
> im keep saying dont need to be rude man, do you born everything? 2 months ago
> i never used a linux pc, no
fernando@gmail.com wrote:
> Ok man,
> keep dont help too much, ill try again,
> the documentation dont helped before and i guess this will not help again...
My suggestions work. Since you're not interested in following them, I
don't know why you're on this list.
> im keep saying dont need
Chan Min Wai (System Administrator) wrote:
I know there is some issue about that, Just want to know if it solved yet?
I'm on Fedora Core 2, freeradius version 0-0.9.3, I there any luck that
this have been solved?
Thank You
Chan Min Wai
I ran into the same problem. I talked about it a previous
free
Hi all,
I was wondering what everyone uses for an account objectClass? Right now I'm
using "Person", which makes the dn:
cn=,ou=Radius,dc=mydomain,dc=net
However, indexing the cn would index the CN of other OU's as well ...
..
I'm just wondering what people use. I know "Account" could also
> I extend my schema with RADIUS-LDAPv3.schema and use the radiusprofile
> objectclass. However, mine is old and uses uid instead of cn, which is in
> that file. You certainly could create your own objectclass or modify the
> one that is there. I think you should stick with cn, since that is wh
Well, most of our email accounts are in a different organizational unit,
and they use posixAccount (so based off of uid). However, our radius
organizational unit is separate ... and I'm now using type "account" with
cn's. You're saying this is ok?
Its probably fine.
The only reason I was com
Wassim Zaarour wrote:
> If I try to connect using ldap credentials the authentication fails,
> though the same credentials work if I use them with radtest on the localhost
Read the debug output to see WHY the user is being rejected. This is
documented in the FAQ, README, web pages, "man" page,
Thanks Alan,
I have read what you mentioned, still can't figure it out, I guess the
important part in the debug is:
ERROR: No Authenticate method (Auth-Type) found for the request: Rejecting
the user
I configured the MAC OS TTLS/CHAP (earlier I tried TTLS/EAP and still it
doesn't work)
I don't
Hi,
> I have read what you mentioned, still can't figure it out, I guess the
> important part in the debug is:
>
> ERROR: No Authenticate method (Auth-Type) found for the request: Rejecting
> the user
yes but we arent mind readers.the question will be 'why is no auth type
found?'
and the a
On 4/19/12 3:31 PM, "alan buxey" wrote:
>Hi,
>
>> I have read what you mentioned, still can't figure it out, I guess the
>> important part in the debug is:
>>
>> ERROR: No Authenticate method (Auth-Type) found for the request:
>>Rejecting
>> the user
>
>
>yes but we arent mind readers.th
Wassim Zaarour wrote:
> Hi Alan, and thanks for your reply, I don't want to paste the output here
> coz its large, should I attach it or paste here anyways or??
You can follow instructions, or you can be unsubscribed and banned
from the list.
When we ask for the debug log TWICE, the response
On 4/19/12 4:18 PM, "Alan DeKok" wrote:
>Wassim Zaarour wrote:
>> Hi Alan, and thanks for your reply, I don't want to paste the output
>>here
>> coz its large, should I attach it or paste here anyways or??
>
> You can follow instructions, or you can be unsubscribed and banned
>from the list.
hi,
quick look seems to show that you dont have a suitable authorise
section in the inner tunnel.
the tunnel gets started...your client rejects the default md5
the server sent - and EAP-TTLS gets done...the username/password
gets sent but has nothing to go against so I suggest
you add
'lda
Thanks Alan, it worked like a charm!!
But it worked using TTLS/PAP, now Windows OS natively supports PEAP, and
when I tried it with TTLS/PEAP it didn't authenticate and gave the
following debug:
I guess from the below what's important is this section
.
.
.
[eap] processing type mschapv2
[mschapv
Please read the mailing list archives, this very question and setup is often
mentioned
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Buxey
Date: Friday, April 20, 2012 9:30 AM
To: Wassim Zaarour ,
"freeradius-users@lists.freeradius.org"
Subject: Re: LDAP-FreeRadius-Cisco Switch-802.1x Fails.
Please read the mailing list archives, this very question and setup is often
mentioned
alan
-
List info/subscribe/unsubs
On Fri, Apr 20, 2012 at 2:09 PM, Wassim Zaarour
wrote:
> Hi Alan,
>
> I went through the archives and did some changes but still getting the
> error, appreciate of you can help me a bit here.
>
> I think I read that the ldap request must be proxied to the inner tunnel for
> it work, is that true?
On 4/20/12 10:15 AM, "Fajar A. Nugraha" wrote:
>On Fri, Apr 20, 2012 at 2:09 PM, Wassim Zaarour
> wrote:
>> Hi Alan,
>>
>> I went through the archives and did some changes but still getting the
>> error, appreciate of you can help me a bit here.
>>
>> I think I read that the ldap request must
On Fri, Apr 20, 2012 at 2:22 PM, Wassim Zaarour
wrote:
> On 4/20/12 10:15 AM, "Fajar A. Nugraha" wrote:
>>Long version:
>>MSCHAPv2 (which also means PEAP-MSCHAPv2) needs either:
>>- Cleartext-Password or NT-Hash available (in LDAP, sql, users file
>>whatever), OR
>>- an active directory
>>
>>If
Hi Farja,
I just checked with the ldap admin and he told me passwords are stored
with SHA encryption and not cleartext. ( can't change them to clear text)
Does that means there is no way to make TTLS/PEAP/MSCHAPv2 work with it??
If I use TTLS/PAP from a Mac OS laptop, it works fine, but I'm stuc
On Fri, Apr 20, 2012 at 2:53 PM, Wassim Zaarour
wrote:
> I just checked with the ldap admin and he told me passwords are stored
> with SHA encryption and not cleartext. ( can't change them to clear text)
Figured as much :)
> Does that means there is no way to make TTLS/PEAP/MSCHAPv2 work with it
Wassim Zaarour wrote:
> Hi Farja,
>
> I just checked with the ldap admin and he told me passwords are stored
> with SHA encryption and not cleartext. ( can't change them to clear text)
>
> Does that means there is no way to make TTLS/PEAP/MSCHAPv2 work with it??
>
> If I use TTLS/PAP from a Mac
Hi,
> I just checked with the ldap admin and he told me passwords are stored
> with SHA encryption and not cleartext. ( can't change them to clear text)
is this LDAP or AD? if its AD then you can bind your FreeRADIUS box to the AD
as per docs on deployingradius.com - then it can use ntlm_auth to
Thanks Alan for the link,
I just ran to it few minutes back and its clear :)
Guess I'm gonna have to settle for a third party supplicant since I can't
change in the LDAP password storage config.
Thanks also for the other Alan and Farja.
On 4/20/12 11:15 AM, "Alan DeKok" wrote:
>Wassim Za
It's Sun Directory Server, hence LDAP not AD.
Thanks anyways :)
On 4/20/12 11:18 AM, "alan buxey" wrote:
>Hi,
>
>> I just checked with the ldap admin and he told me passwords are stored
>> with SHA encryption and not cleartext. ( can't change them to clear
>>text)
>
>is this LDAP or AD? if
100 matches
Mail list logo
