Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-21 Thread Alan DeKok
Matthew Arguin wrote: > so it took me a while, but i finally tracked down a MAC to continue > troubleshooting...at this point windows machines can login with RADIUS > auth... below is the output from an attempt with a MAC: Can you READ the output? Or paste the output into the "debug tool" web p

Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-21 Thread Matthew Arguin
type response id 9 length 43 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/default +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] proces

Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-03 Thread Matthew Arguin
sorry about the snipped debug. i am attaching another fresh one here. there are no users in the files on the computer, all in LDAP so the shadow file should not be an issue. I will find the 'unix' part and comment it out. -m full debug below from windows machine attempt: [root@ops2 ~]# rad

Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-02 Thread Alan DeKok
Alan Buxey wrote: > that user is in the /etc/password or /etc/shadow file? the unix module is > picking it > up..and that password doesn't match the one you're trying to use...which matches > the username/password you added into the users file? His system has passwords in /etc/shadow, and he has

Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-02 Thread Alan Buxey
Hi, > something else i just found radtest only seems to work from localhost.. the option in radtest is the TARGET you are talking to. so, you can talk to 127.0.0.1 but you can't talk to 192.168.10.31. what does 'radiusd -X' show? do you have any firewalling? alan - List info/subscribe/unsubsc

Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-02 Thread Alan Buxey
hi, that user is in the /etc/password or /etc/shadow file? the unix module is picking it up..and that password doesn't match the one you're trying to use...which matches the username/password you added into the users file? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list

Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-02 Thread Phil Mayers
On 02/11/11 15:41, Matthew Arguin wrote: and here is the debug when i test a laptop connecting: Sigh. This is not the full debug. The full debug starts when radiusd starts up, and dumps the module configs. This is why we never ask people to give their configs - it's in the debug, and is redu

Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-02 Thread Matthew Arguin
"Re: Contents of Freeradius-Users digest..." Today's Topics: 1. Re: Huntgroup Checking (simonm123) 2. Re: Need help with Freeradius and 802.1X (johnboy68) 3. Re: Huntgroup Checking (Ben West) 4. Re: cisco WAP/FreeRadius/OpenLDAP (Matthew Arguin) 5

Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-02 Thread Matthew Arguin
expand: %{User-Name} -> anonymous attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 10 for 1 seconds Going to the next request Waking up in 0.4 seconds. Cleaning up request 7 ID 136 with timestamp +64 Waking up in 0.5 seconds.

Re: cisco WAP/FreeRadius/OpenLDAP

2011-11-02 Thread Matthew Arguin
g You can reach the person managing the list at freeradius-users-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Freeradius-Users digest..." Today's Topics: 1. Re: IPv6 ready? (Alan Buxey) 2. Re: ci

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-31 Thread Alan Buxey
Hi, > so now the password is not clear text in the log as it was before but > still seeing that no good password error but then there is that line > towards the bottom that says user authorized to use remote access... do > i need to configure Filter-Id or something in the sites-enabled/default

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-31 Thread Matthew Arguin
s.org You can reach the person managing the list at freeradius-users-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Freeradius-Users digest..." Today's Topics: 1. Re: cisco WAP/FreeRadius/OpenLDAP (Phi

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-31 Thread Phil Mayers
On 31/10/11 14:03, Matthew Arguin wrote: Phil, I just confirmed that it is tagged with the {CRYPT} or {SHA} (i have tried both). also, i changed the user that is binding to be the manager CN which has full access to the ldap for mod etc to rule that out. Ah. I've just seen that you are running

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-31 Thread Matthew Arguin
Phil, I just confirmed that it is tagged with the {CRYPT} or {SHA} (i have tried both). also, i changed the user that is binding to be the manager CN which has full access to the ldap for mod etc to rule that out. [ldap] performing user authorization for marguin2 [ldap] expand: (uid=%u) ->

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-28 Thread Phil Mayers
On 28/10/11 13:46, Matthew Arguin wrote: right now, the user that i am testing with has a password that is CRYPT. Ok. But does it look like this: userPassword: xxyyeeyeetwe or this: userPassword: {crypt}xxyyeqetew This matters. - List info/subscribe/unsubscribe? See http://www.freeradius.or

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-28 Thread Matthew Arguin
right now, the user that i am testing with has a password that is CRYPT. I am fairly certain that my user that i am binding with has the perms to read the userPassword attribute, but i will verify that this morning. On 10/28/2011 4:37 AM, freeradius-users-requ...@lists.freeradius.org wrote:

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-28 Thread Phil Mayers
On 10/27/2011 10:32 PM, Matthew Arguin wrote: Thanks Phil. question on that. in the deployment of ldap that we have in place the users password attribute is 'userPassword'. looking at the ldap attribute file and various online results, is the authentication looking for ntPassword for that ldap

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-27 Thread Fajar A. Nugraha
On Fri, Oct 28, 2011 at 4:32 AM, Matthew Arguin wrote: > Thanks Phil.  question on that.  in the deployment of ldap that we have in > place the users password attribute is 'userPassword'.  looking at the ldap > attribute file and various online results, is the authentication looking for > ntPasswo

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-27 Thread Matthew Arguin
users-requ...@lists.freeradius.org wrote: Re: cisco WAP/FreeRadius/OpenLDAP -- Matthew Arguin Currensee, Inc. 54 Canal St, 4th Floor Boston, MA 02114 (617) 986-4758 (Office) _ This email and any files transmitted with it are confidential an

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-27 Thread Phil Mayers
On 10/27/2011 06:31 PM, Matt Arguin wrote: Hi All, having trouble setting up my RADIUS(FreeRADIUS Version 2.1.7) to auth to my openldap server (openldap-2.3.43-12.el5_6.7) on CentOS 5.5. i am trying to configure EAP-TLS and think i am pretty close. I am Nope: [eap] EAP/peap [eap] process

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-27 Thread Matt Arguin
to load module "jradius" (Alan DeKok) >   5. RE: Failed to load module "jradius" (Travis Dimmig) >   6. Re: cisco WAP/FreeRadius/OpenLDAP (Alan DeKok) > > > -- > > Message: 1 > Da

Re: cisco WAP/FreeRadius/OpenLDAP

2011-10-27 Thread Alan DeKok
Matt Arguin wrote: > having trouble setting up my RADIUS(FreeRADIUS Version 2.1.7) to > auth to my openldap server (openldap-2.3.43-12.el5_6.7) on CentOS 5.5. > > i am trying to configure EAP-TLS Then you don't need LDAP. EAP-TLS does authentication based on client certificates. It doesn't

cisco WAP/FreeRadius/OpenLDAP

2011-10-27 Thread Matt Arguin
Hi All, having trouble setting up my RADIUS(FreeRADIUS Version 2.1.7) to auth to my openldap server (openldap-2.3.43-12.el5_6.7) on CentOS 5.5. i am trying to configure EAP-TLS and think i am pretty close. I am currently wondering if possibly i have an incorrect mapping in the ldap.attrs file (