Alan,
I try to understand I can only get answers from you guys when
available so yes I do go off and try random howtos (literally anything
I can find) I the hopes I learn a bit more.
But yes, I am now 100% clear on not setting Auth-Type.
Thanks again Alan.
On 4/24/07, Alan DeKok <[EMAIL PROTECTE
Jacob Jarick wrote:
> So the big question is, what Auth-Type do I use ?
You have been told that you should not set it. That means "You should
not set it". It does not mean "use another value".
> If LDAP is not permitted (still confuses me as I only need / want
> radius to authenticate against
Alan,
my test pc only supports PEAP over wireless and setup has to be wireless.
Removing "ldap" from the "authenticate" section causes an EAP error,
so I guess there is more configuration than simply removing /
commenting that section out.
I dont know how to not bind as a user when using FR + LD
So the big question is, what Auth-Type do I use ?
If LDAP is not permitted (still confuses me as I only need / want
radius to authenticate against LDAP) what Auth-Type do I set in the
users file so that Wireless users can authenticate using their ADS
username and passwords.
On 4/23/07, Jacob Jari
Forgive the newbie questions but I think its best to clear up confusion.
client -> cisco -> FR server = eap
FR -> ADS 2003 = pap
Is that correct or am I way off track.
On 4/23/07, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Jacob Jarick wrote:
> > Thanks again Alan,
> > For reference the oriellys L
Jacob Jarick wrote:
> Thanks again Alan,
> For reference the oriellys LDAP book instructs you to set "Auth-Type
> := LDAP" so thats where I got the bad reference (perhaps other people
> to).
Yes. There is a LOT of documentation (web pages, etc.) that say to do
the wrong thing. It's unfortunate
Thanks again Alan,
For reference the oriellys LDAP book instructs you to set "Auth-Type
:= LDAP" so thats where I got the bad reference (perhaps other people
to).
Now lets see if I understood the tables correctly.
PAP is the only method that will support LDAP bind as user ?
I should comment out
Jacob Jarick wrote:
> My problem is the ldap password retrieved from the windows client is
> not being sent to the ldap server.
The problem is that you have configured "Auth-Type := LDAP", and then
sent the server an 802.1x authentication request. Do NOT set Auth-Type =
LDAP. This is repeated a
My problem is the ldap password retrieved from the windows client is
not being sent to the ldap server.
So I get that error when trying to login.
I have added
checkItem userPassword User-Password
but it still complains of the same error.
The weird thing is It was working fine friday.
FreeRadius users mailing list on
August 9, 2005 at 02:53 -0800 wrote:
>Hi Vladimir,
>
>Tks for your help, I've managed to setup the ldap with freeradius. One
>last
>question is that is it possible to have freeradius authenticate thru ldap
>and also the users file. The reason is because I need to
sword: Found Auth-Type LDAP
auth: type "LDAP"
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password" is required for authentication.
modcall[authenticate]: module
"melvin" <[EMAIL PROTECTED]> wrote:
> Currently I need to use ldap to authenticate my users and I keep
> encountering the same problem "rlm_ldap: Attribute "User-Password" is
> required for authentication".
Read the rest of the debug log. You have t
Hi all,
Currently I need to use ldap to authenticate my
users and I keep encountering the same problem "rlm_ldap: Attribute
"User-Password" is required for authentication". I have tried adding
"checkItem
User-Password
userPassword"
Hi
A very strange problem! Even without LDAP, just a normal radius server
with useraccounts in
the users file doesn't work.
Do you have a working radiusserver with ppp-plugin and ldap?
Can you do me a favor and look, if your ppp-radius-plugin
sends a correct Access Request -Packet WITH user-passwo
n directory...
> rlm_ldap: user testuser authorized to use remote access
> rlm_ldap: ldap_release_conn: Release Id: 0
> modcall[authorize]: module "ldap" returns ok for request 0
> modcall: group authorize returns ok for request 0
> rad_check_password: Found Auth-Typ
> I had a similar problem and the solution was the mapping, such as Edvin
> says. I add the following entries to ldap.atrrmap:
>
> checkItem LM-Password lmPassword
> checkItem NT-Password ntPassword
> checkItem User-Password
nstag, 08. März 2005 13:07
To: freeradius-users@lists.freeradius.org
Subject: Re: rlm_ldap - Attribute "User-Password" is required for
authentication
hm, ok, and that means?
Do you any suggestions how to make it work?
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org
ssage-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of guest01
Sent: Dienstag, 08. März 2005 13:07
To: freeradius-users@lists.freeradius.org
Subject: Re: rlm_ldap - Attribute "User-Password" is required for
authentication
hm, ok, and that means?
Do you any suggestions how t
I think Steve is right ... This damned ppp-radius-plugin sends bad
packets to my radiusserver ... packets without the required
user-password ...
And so it must be this damned plugin ...
I testet a little bit with the windows radius test program and I sent
packets
with and without user-password to
Sébastien Cantos wrote:
>So maybe it's a NAS problem. Are you sure that the NAS is sending the
>userpassword in the request ?
>
>
>
hm, maybe, how can I test that?
I am currently trying some tests with the windowsxp radius test program
... But I am not
very optimistic
-
List info/subscribe/u
De la
> part de guest01
> Envoyé : mardi 8 mars 2005 16:16
> À : freeradius-users@lists.freeradius.org
> Objet : Re: rlm_ldap - Attribute "User-Password" is required
> for authentication
>
> Sébastien Cantos wrote:
>
> >>I had the same problem a few weeks a
Hi
Thxs for your fast and informative answer ... Indeed, a very good argument!
So I think I have to try another ppp version ... A strange problem, damned
ppp radiusplugin!!
Why can't life be easier? ;-)
thxs
peda
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user testuser authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password: F
d this is exactly the reason why you got the
error message from the FR server:
> rlm_ldap: Attribute "User-Password" is required for authentication.
Note the word "required".
Greetings,
Stefan Winter
--
Stefan WINTER
Fondation RESTENA - Réseau Téléinformatique de l
OTECTED] De la
> part de guest01
> Envoyé : mardi 8 mars 2005 15:44
> À : freeradius-users@lists.freeradius.org
> Objet : Re: rlm_ldap - Attribute "User-Password" is required
> for authentication
>
> hm, radius is very strange Can anyone please help me?
>
d to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type LDAP
auth: type "LDAP"
Processing the authenticate section of radi
hm, ok, and that means?
Do you any suggestions how to make it work?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
guest01 wrote:
Hi
I have a problem with Radius-LDAP Authentication for PPTP, the log says:
rad_recv: Access-Request packet from host 127.0.0.1:1025, id=61, length=54
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "testuser"
NAS-IP-Address = 69.25.27.17
request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type LDAP
auth: type "LDAP"
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password&quo
29 matches
Mail list logo