Jacob Jarick wrote:
So the big question is, what Auth-Type do I use ?
You have been told that you should not set it. That means You should
not set it. It does not mean use another value.
If LDAP is not permitted (still confuses me as I only need / want
radius to authenticate against LDAP)
Alan,
I try to understand I can only get answers from you guys when
available so yes I do go off and try random howtos (literally anything
I can find) I the hopes I learn a bit more.
But yes, I am now 100% clear on not setting Auth-Type.
Thanks again Alan.
On 4/24/07, Alan DeKok [EMAIL
Jacob Jarick wrote:
My problem is the ldap password retrieved from the windows client is
not being sent to the ldap server.
The problem is that you have configured Auth-Type := LDAP, and then
sent the server an 802.1x authentication request. Do NOT set Auth-Type =
LDAP. This is repeated all
Jacob Jarick wrote:
Thanks again Alan,
For reference the oriellys LDAP book instructs you to set Auth-Type
:= LDAP so thats where I got the bad reference (perhaps other people
to).
Yes. There is a LOT of documentation (web pages, etc.) that say to do
the wrong thing. It's unfortunate that
Forgive the newbie questions but I think its best to clear up confusion.
client - cisco - FR server = eap
FR - ADS 2003 = pap
Is that correct or am I way off track.
On 4/23/07, Alan DeKok [EMAIL PROTECTED] wrote:
Jacob Jarick wrote:
Thanks again Alan,
For reference the oriellys LDAP book
So the big question is, what Auth-Type do I use ?
If LDAP is not permitted (still confuses me as I only need / want
radius to authenticate against LDAP) what Auth-Type do I set in the
users file so that Wireless users can authenticate using their ADS
username and passwords.
On 4/23/07, Jacob
Alan,
my test pc only supports PEAP over wireless and setup has to be wireless.
Removing ldap from the authenticate section causes an EAP error,
so I guess there is more configuration than simply removing /
commenting that section out.
I dont know how to not bind as a user when using FR + LDAP,
Hi Vladimir,
Tks for your help, I've managed to setup the ldap with freeradius. One last
question is that is it possible to have freeradius authenticate thru ldap
and also the users file. The reason is because I need to create a guest
account for guests to login our wireless network. But the
FreeRadius users mailing list freeradius-users@lists.freeradius.org on
August 9, 2005 at 02:53 -0800 wrote:
Hi Vladimir,
Tks for your help, I've managed to setup the ldap with freeradius. One
last
question is that is it possible to have freeradius authenticate thru ldap
and also the users file.
melvin [EMAIL PROTECTED] wrote:
Currently I need to use ldap to authenticate my users and I keep
encountering the same problem rlm_ldap: Attribute User-Password is
required for authentication.
Read the rest of the debug log. You have told the LDAP module to
perform authentication.
I have
I had a similar problem and the solution was the mapping, such as Edvin
says. I add the following entries to ldap.atrrmap:
checkItem LM-Password lmPassword
checkItem NT-Password ntPassword
checkItem User-Password
Hi
A very strange problem! Even without LDAP, just a normal radius server
with useraccounts in
the users file doesn't work.
Do you have a working radiusserver with ppp-plugin and ldap?
Can you do me a favor and look, if your ppp-radius-plugin
sends a correct Access Request -Packet WITH
guest01 wrote:
Hi
I have a problem with Radius-LDAP Authentication for PPTP, the log says:
rad_recv: Access-Request packet from host 127.0.0.1:1025, id=61, length=54
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = testuser
NAS-IP-Address = 69.25.27.170
hm, ok, and that means?
Do you any suggestions how to make it work?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hm, radius is very strange Can anyone please help me?
this is the logfile output after testing with radexample:
rad_recv: Access-Request packet from host 127.0.0.1:1025, id=40, length=66
User-Name = testuser
User-Password = 123456
Service-Type = Authenticate-Only
@lists.freeradius.org
Objet : Re: rlm_ldap - Attribute User-Password is required
for authentication
hm, radius is very strange Can anyone please help me?
this is the logfile output after testing with radexample:
rad_recv: Access-Request packet from host 127.0.0.1:1025,
id=40, length
Hello,
you already got this reply earlier, but here goes...
this is the logfile output after testing with radexample:
rad_recv: Access-Request packet from host 127.0.0.1:1025, id=40, length=66
User-Name = testuser
User-Password = 123456
Service-Type =
Sébastien Cantos wrote:
I had the same problem a few weeks ago. In fact the ldap wasn't returning
the user-password so it wasn't working. Chack with ldapsearch to make the
querry directly to the ldap as if you were the radius and I think that you
will see that the userpassword is not returned.
Hi
Thxs for your fast and informative answer ... Indeed, a very good argument!
So I think I have to try another ppp version ... A strange problem, damned
ppp radiusplugin!!
Why can't life be easier? ;-)
thxs
peda
-
List info/subscribe/unsubscribe? See
: mardi 8 mars 2005 16:16
À : freeradius-users@lists.freeradius.org
Objet : Re: rlm_ldap - Attribute User-Password is required
for authentication
Sébastien Cantos wrote:
I had the same problem a few weeks ago. In fact the ldap
wasn't returning
the user-password so it wasn't working. Chack
Sébastien Cantos wrote:
So maybe it's a NAS problem. Are you sure that the NAS is sending the
userpassword in the request ?
hm, maybe, how can I test that?
I am currently trying some tests with the windowsxp radius test program
... But I am not
very optimistic
-
List
I think Steve is right ... This damned ppp-radius-plugin sends bad
packets to my radiusserver ... packets without the required
user-password ...
And so it must be this damned plugin ...
I testet a little bit with the windows radius test program and I sent
packets
with and without user-password to
:07
To: freeradius-users@lists.freeradius.org
Subject: Re: rlm_ldap - Attribute User-Password is required for
authentication
hm, ok, and that means?
Do you any suggestions how to make it work?
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe
23 matches
Mail list logo