Not getting Reply-items from Ldap..

Posted by Girish Tyagi on 03-09-2005 (FreeRADIUS Users forum)

Hello,

I have configured FreeRadius-1.0.2 on my Redhat Linux, and
authorization and authentication are being done through an OpenLDAP
server.
I am able to do both authorization and authentication successfully from
my RADIUS server, but I don't get reply items from the server. I am running
my server with the (radiusd -X) option.

I run this command from my system:

# radtest linux linux localhost 0 testing123

The output I get is:

Sending Access-Request of id 153 to 127.0.0.1:1812
User-Name = "linux"
User-Password = "linux"
NAS-IP-Address = dns.hclinfinet.net
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=153, length=20


The radiusd -X output gives:

Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:32961, id=153, length=57
User-Name = "linux"
User-Password = "linux"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
rad_lowerpair: User-Name now 'linux'
rad_rmspace_pair: User-Name now 'linux'
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
rlm_realm: No '@' in User-Name = "linux", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for linux
radius_xlat: '(uid=linux)(objectclass=radiusprofile)'
radius_xlat: 'ou=users,ou=radius,o=hclinfinet'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as cn=freeradius,ou=admins,ou=radius,o=hclinfinet/freeradius to localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=users,ou=radius,o=hclinfinet, with filter (uid=linux)(objectclass=radiusprofile)
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user linux authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type LDAP
auth: type "LDAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authtype for request 0
rlm_ldap: - authenticate
rlm_ldap: login attempt by "linux" with password "linux"
rlm_ldap: user DN: uid=linux,ou=users,ou=radius,o=hclinfinet
rlm_ldap: (re)connect to localhost:389, authentication 1
rlm_ldap: bind as uid=linux,ou=users,ou=radius,o=hclinfinet/linux to localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: user linux authenticated succesfully
modcall[authenticate]: module "ldap" returns ok for request 0
modcall: group authtype returns ok for request 0
Sending Access-Accept of id 153 to 127.0.0.1:32961
Finished request 0
Going to the next request

The ldif file for the linux user is:

dn: uid=linux,ou=users,ou=radius,o=hclinfinet
objectclass: radiusProfile
uid: linux
userPassword: linux
radiusServiceType: Framed-User
radiusFramedProtocol: PPP
radiusFramedIPAddress: 10.0.0.1
radiusFramedIPNetmask: 255.255.255.0
radiusFramedRoute: Broadcast-Listen
radiusFilterId: "std.ppp"
radiusFramedMTU: 1500
radiusFramedCompression: Van-Jacobsen-TCP-IP
cn: linux

radius.conf:

authorize {
    preprocess
    suffix
    ldap
}
authenticate {
    authtype LDAP {
        ldap
    }
}



But if I use files in the authorize section instead of ldap, with Auth-type=Local,
and configure the reply items in the users file, then I get the reply items.

ldap.attrmap has the RADIUS-to-LDAP item mapping, like:

checkItem $GENERIC$ radiusCheckItem
replyItem $GENERIC$ radiusReplyItem

checkItem Auth-Type radiusAuthType
checkItem Simultaneous-Use radiusSimultaneousUse
checkItem Called-Station-Id radiusCalledStationId
checkItem Calling-Station-Id radiusCallingStationId
checkItem LM-Password lmPassword
checkItem NT-Password ntPassword
checkItem SMB-Account-CTRL-TEXT acctFlags
checkItem Expiration radiusExpiration

replyItem Service-Type radiusServiceType
replyItem Framed-Protocol radiusFramedProtocol
replyItem Framed-IP-Address radiusFramedIPAddress
replyItem Framed-IP-Netmask radiusFramedIPNetmask
replyItem Framed-Route radiusFramedRoute

etc...


Please guide me on where I am making a mistake.

Thanks,
Girish
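
As an added example (not part of the original post, and not FreeRADIUS code), this Python script applies the replyItem lines visible in the post's ldap.attrmap excerpt to the posted LDIF entry to list the reply pairs that mapping would yield, and compares the Access-Accept length reported by radtest with the 20-byte RADIUS header. The function names are hypothetical, and matching LDAP attribute names case-insensitively is an assumption of the example.

```python
import re

RADIUS_HEADER_LEN = 20  # code(1) + identifier(1) + length(2) + authenticator(16)
# Lines visible in the post's ldap.attrmap excerpt (the post elides the rest with "etc...").
ATTRMAP = """\
replyItem $GENERIC$ radiusReplyItem
checkItem Auth-Type radiusAuthType
replyItem Service-Type radiusServiceType
replyItem Framed-Protocol radiusFramedProtocol
replyItem Framed-IP-Address radiusFramedIPAddress
replyItem Framed-IP-Netmask radiusFramedIPNetmask
replyItem Framed-Route radiusFramedRoute
"""
# The radius* attributes from the post's LDIF entry for uid=linux.
LDIF = """\
radiusServiceType: Framed-User
radiusFramedProtocol: PPP
radiusFramedIPAddress: 10.0.0.1
radiusFramedIPNetmask: 255.255.255.0
radiusFramedRoute: Broadcast-Listen
radiusFilterId: "std.ppp"
radiusFramedMTU: 1500
radiusFramedCompression: Van-Jacobsen-TCP-IP
"""
ACCEPT_LINE = "rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=153, length=20"

def parse_attrmap(text, item_type="replyItem"):
    """Map lower-cased LDAP attribute name -> RADIUS attribute for one item type."""
    mapping = {}
    for line in text.splitlines():
        fields = line.split()
        # $GENERIC$ entries hold whole "Attr op value" strings and are skipped here.
        if len(fields) >= 3 and fields[0] == item_type and fields[1] != "$GENERIC$":
            mapping[fields[2].lower()] = fields[1]
    return mapping

def expected_reply_items(attrmap_text, ldif_text):
    """Return (reply pairs the map yields, radius* attributes with no visible mapping)."""
    mapping, pairs, unmapped = parse_attrmap(attrmap_text), [], []
    for line in ldif_text.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.lower() in mapping:
            pairs.append((mapping[name.lower()], value.strip()))
        elif sep and name.lower().startswith("radius"):
            unmapped.append(name)
    return pairs, unmapped

def attribute_bytes(log_line):
    """Bytes left for attributes in a packet, from the length= field of a rad_recv line."""
    return int(re.search(r"length=(\d+)", log_line).group(1)) - RADIUS_HEADER_LEN
```

A length of 20 leaves zero bytes for attributes, so the Access-Accept shown in the post carried no reply items at all, while five of the entry's attributes have a mapping in the visible excerpt.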
