Joseph Silvin
2004-04-21 12:06:58 UTC
Hi,
I am trying to use FreeRadius ACS Server for authentication against IBM
Domino LDAP Server. The following is the error message that I get. I have
reproduced both radiusd.conf and log files. Looking forward to someone who
can help on this front.
Thanks.
JS
====================================================
Contents of radiusd.conf
====================================================
# Lightweight Directory Access Protocol (LDAP)
#
# This module definition allows you to use LDAP for
# authorization and authentication (Auth-Type := LDAP)
#
# See doc/rlm_ldap for description of configuration options
# and sample authorize{} and authenticate{} blocks
ldap {
server = 192.168.192.41
# identity = "cn=admin,o=My Org,c=UA"
# password = mypass
basedn = "ou=MyDept,ou=SBULocation,o=MyOrg"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
# base_filter = "(objectclass=radiusprofile)"
start_tls = no
access_attr = "dialupAccess"
dictionary_mapping = ${raddbdir}/ldap.attrmap
ldap_connections_number = 5
timeout = 4
timelimit = 3
net_timeout = 1
}
=====================================================
Log file of FreeRadius
====================================================
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 127.0.0.1:1026, id=86, length=60
User-Name = "MyUserName"
User-Password = "MyLDAPPassword"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1
modcall: entering group authorize for request 10
modcall[authorize]: module "preprocess" returns ok for request 10
modcall[authorize]: module "chap" returns noop for request 10
modcall[authorize]: module "eap" returns noop for request 10
rlm_realm: No '@' in User-Name = "MyUserName", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 10
users: Matched DEFAULT at 152
modcall[authorize]: module "files" returns ok for request 10
modcall[authorize]: module "mschap" returns noop for request 10
rlm_ldap: - authorize
rlm_ldap: performing user authorization for MyUserName
radius_xlat: '(uid=MyUserName)'
radius_xlat: 'ou=MyDept,ou=SBULocation,o=MyOrg'
ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 192.168.192.41:389, authentication 0
rlm_ldap: bind as / to 192.168.192.41:389
rlm_ldap: waiting for bind result ...
rlm_ldap: LDAP login failed: check login, password settings in ldap section of radiusd.conf
rlm_ldap: (re)connection attempt failed
rlm_ldap: search failed
ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns fail for request 10
modcall: group authorize returns fail for request 10
Finished request 10
Going to the next request
--- Walking the entire request list ---
Nothing to do. Sleeping until we see a request.
=========================================================
****************DISCLAIMER***************** This message and any
attachments (hereinafter referred to as the 'mail content') is intended
solely for the addressee. The 'mail content' is confidential and may be
privileged and is also prohibited from disclosure. Access, use, copying,
distribution or re-use of the 'mail content' by anyone except the
addressee is unauthorized. If you are not the intended addressee, please
destroy all copies of the 'mail content' in your possession and also
delete the same from your computer. Any views expressed in the 'mail
content' are those of the individual sender except where the sender, with
due authority of Jyoti Structures Ltd., specifically states them to be
the views of Jyoti Structures Ltd. Nothing contained in the 'mail
content' is capable or intended to create any legally binding
obligations on the sender, Jyoti Structures Ltd. The sender, Jyoti
Structures Ltd., accepts no responsibility, whatsoever, for loss or damage
from the use of the 'Said Information' including damage from viruses.
****************************************************
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
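
Added example (not part of the original post and not FreeRADIUS code): a small Python check that reads an ldap{} block and rlm_ldap debug output like the ones quoted above and reports whether the module bound without credentials and without TLS. The finding codes and function names are this example's own, and the debug-line layout "bind as <dn>/<password> to <host>:<port>" is an assumption.

```python
import re

# Constructed sample: ldap{} settings and debug lines as quoted in the post above.
SAMPLE_CONF = """ldap {
server = 192.168.192.41
# identity = "cn=admin,o=My Org,c=UA"
# password = mypass
start_tls = no
}"""
SAMPLE_LOG = """rlm_ldap: (re)connect to 192.168.192.41:389, authentication 0
rlm_ldap: bind as / to 192.168.192.41:389
rlm_ldap: LDAP login failed: check login, password settings in ldap section of radiusd.conf"""

# Assumed debug-line layout: "bind as <dn>/<password> to <host>:<port>".
BIND_RE = re.compile(r"rlm_ldap: bind as (?P<dn>.*)/[^/]* to (?P<host>\S+):(?P<port>\d+)$")


def active_settings(conf_text):
    """Return key -> value for uncommented 'key = value' lines."""
    settings = {}
    for line in conf_text.splitlines():
        line = line.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip().strip('"')
    return settings


def bind_attempts(log_text):
    """Parse bind lines; the password field is matched but never kept."""
    attempts = []
    for line in log_text.splitlines():
        m = BIND_RE.search(line.strip())
        if m:
            attempts.append({"dn": m["dn"], "anonymous": m["dn"] == "",
                             "host": m["host"], "port": int(m["port"])})
    return attempts


def diagnose(conf_text, log_text):
    """Return finding codes (names are this example's own)."""
    conf, binds = active_settings(conf_text), bind_attempts(log_text)
    findings = []
    if "identity" not in conf or "password" not in conf:
        findings.append("no-bind-credentials")      # module will bind anonymously
    if any(b["anonymous"] for b in binds) and "LDAP login failed" in log_text:
        findings.append("anonymous-bind-rejected")  # directory refused that bind
    if conf.get("start_tls") == "no" and any(b["port"] == 389 for b in binds):
        findings.append("cleartext-ldap")           # bind and search unencrypted
    return findings


if __name__ == "__main__":
    print(diagnose(SAMPLE_CONF, SAMPLE_LOG))
```

The same debug output also prints User-Password in clear text, so such logs should be redacted before they are shared.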