Discussion:
Local user and LDAP
Manuel Izquierdo
2015-01-05 11:28:45 UTC
Hi

I am new to using FreeRADIUS.

I am trying to configure FreeRADIUS to authenticate with LDAP and it is working well. I also want a local user in the users file, to be used from the network manager server, but this user must be authenticated locally and not go to LDAP.

This is my configuration:

/etc/raddb/sites-available/default

authorize {
    preprocess
    chap
    mschap
    digest
    files
    ldap
}


/etc/raddb/users

admin Cleartext-Password := "setup"
DEFAULT LDAP-GROUP == "Network-monitor"
DEFAULT Auth-Type = Local
    Fall-Through = yes

With this configuration LDAP is always working. If I do a debug using the local user I can see:

- [ files ] returns ok
- Now start again LDAP ?? .... WARNING: Auth-Type already set. Not setting to PAP
Failed to authenticate the user

I don't know why it is trying to use LDAP. Please, could you tell me the simplest way to have a local user and LDAP both working? If it is the local user, don't use LDAP; or if LDAP does not find the user, use the local file.

Regards

Manuel Izquierdo Calvo
Senior Technical Specialist
Mail: ***@gmail.com
Mob: + 61 431 452 049
A***@lboro.ac.uk
2015-01-05 12:14:28 UTC
Hi,
no, it's just a small small bit of your configuration

in users file
DEFAULT Auth-Type = Local
you don't need this line
- [ files ] returns ok
- Now start again LDAP ?? .... WARNING: Auth-Type already set. Not setting
to PAP
Failed to authenticate the user
try this in your bit of config that you did provide

change

files

to

files {
    ok = return
}


alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Manuel Izquierdo
2015-01-05 12:38:11 UTC
Hi

I put this configuration and now the local user is fine but LDAP is not working. Error:

[ldap] User found in group RS-Network-customer
[files] users. Matched entry DEFAULT at line 233 <— DEFAULT LDAP-GROUP IS OK
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.

There is a problem with the Auth-Type ??

Manuel
Alan DeKok
2015-01-05 12:45:27 UTC
Post by Manuel Izquierdo
Hi
[ldap] User found in group RS-Network-customer
[files] users. Matched entry DEFAULT at line 233 <— DEFAULT LDAP-GROUP IS OK
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.
There is a problem with the Auth-Type ??
You need to run the “pap” module. The simplest way to do this is the following:

authorize {

    files
    if (noop) {
        # … all of the OTHER things in “authorize” ...
    }

    pap
}

Alan DeKok.
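
A small triage helper for one request's debug output, added here as an illustration and not part of the original thread: it flags the two messages quoted above, pairs each with the fix given in the replies, and reports whether the ldap module was still consulted after the users file had already matched. The sample debug lines are constructed in the style of the lines quoted in the thread, and the "returns" line format is an assumption; real debug output varies by version.

```python
import re

# Messages quoted in the thread, paired with the fix given in the replies.
SIGNATURES = {
    "auth_type_forced": (
        re.compile(r"Auth-Type already set\.\s*Not setting to PAP"),
        "remove the 'DEFAULT Auth-Type = Local' line from the users file",
    ),
    "no_auth_type": (
        re.compile(r"No authenticate method \(Auth-Type\) found"),
        "run the 'pap' module at the end of authorize",
    ),
}
# Module result line, e.g. "++[files] returns ok" (line format is an assumption).
RESULT = re.compile(r"\[\s*(\w+)\s*\]\s+returns\s+(\w+)")
# Any line tagged with a module name, e.g. "[ldap] User found in group ...".
TAGGED = re.compile(r"\[\s*(\w+)\s*\]")


def triage(debug_text):
    """Return (findings, ldap_after_local_match) for one request's debug text."""
    findings, files_matched, ldap_after_local_match = {}, False, False
    for line in debug_text.splitlines():
        for name, (pattern, fix) in SIGNATURES.items():
            if pattern.search(line):
                findings[name] = fix
        result = RESULT.search(line)
        if result and result.groups() == ("files", "ok"):
            files_matched = True  # a users-file entry matched this request
            continue
        tagged = TAGGED.search(line)
        if files_matched and tagged and tagged.group(1) == "ldap":
            ldap_after_local_match = True  # local match still went on to LDAP
    return findings, ldap_after_local_match


# Constructed samples, modelled on the lines quoted in the thread.
LOCAL_USER_BEFORE_FIX = """\
++[files] returns ok
[ldap] performing user authorization for admin
++[ldap] returns notfound
WARNING: Auth-Type already set.  Not setting to PAP
"""
LDAP_USER_WITHOUT_PAP = """\
[ldap] User found in group RS-Network-customer
[files] users: Matched entry DEFAULT at line 233
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
"""
LOCAL_USER_AFTER_FIX = "++[files] returns ok\n++[pap] returns updated\n"
```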

Manuel Izquierdo
2015-01-05 13:01:19 UTC
That's right, WORKING

Thanks a lot

Manuel