Re: Ldap + EAP
This is a discussion on Re: Ldap + EAP within the FreeRADIUS Users forums, part of the Networking and Network Related category; Hi, I have another problem with that LDAP auth. I set clearPassword - userPassword, and i see that ldap auth.user: ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-26-2007
|
|||
|
|||
Re: Ldap + EAP
Hi,
I have another problem with that LDAP auth. I set clearPassword - userPassword, and i see that ldap auth.user: rlm_ldap: user rka authorized to use remote access but after i see: rlm_eap_peap: Received EAP-TLV response. Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_peap: Tunneled data is valid. Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session. why ? what is wrong ? BR, /////Debug mode///// User-Name = "rka" NAS-IP-Address = 192.168.1.245 Called-Station-Id = "000f66a0643e" Calling-Station-Id = "0014a41e7112" NAS-Identifier = "000f66a0643e" NAS-Port = 61 Framed-MTU = 1400 State = 0x3e33510f9407a5ab3618886708f0a7ab NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020700261900170301001bac20ee16475c5840e93722613a 0e23156a7025d2aa5bfa24846b31 Message-Authenticator = 0x0581c287817e870b2d4c1eb38f2b257f Fri Jan 26 10:18:13 2007 : Debug: rad_lowerpair: User-Name now 'rka' Fri Jan 26 10:18:13 2007 : Debug: Processing the authorize section of radiusd.conf Fri Jan 26 10:18:13 2007 : Debug: modcall: entering group authorize for request 7 Fri Jan 26 10:18:13 2007 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 7 Fri Jan 26 10:18:13 2007 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 7 Fri Jan 26 10:18:13 2007 : Debug: modcall[authorize]: module "mschap" returns noop for request 7 Fri Jan 26 10:18:13 2007 : Debug: modsingle[authorize]: calling ldap (rlm_ldap) for request 7 Fri Jan 26 10:18:13 2007 : Debug: rlm_ldap: - authorize Fri Jan 26 10:18:13 2007 : Debug: rlm_ldap: performing user authorization for rka Fri Jan 26 10:18:13 2007 : Debug: radius_xlat: '(uid=rka)' Fri Jan 26 10:18:13 2007 : Debug: radius_xlat: 'ou=Users,dc=blstream' Fri Jan 26 10:18:13 2007 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0 Fri Jan 26 10:18:13 2007 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0 Fri Jan 26 10:18:13 2007 : Debug: rlm_ldap: performing search in ou=Users,dc=blstream, with filter (uid=rka) Fri Jan 26 10:18:14 2007 : Debug: rlm_ldap: checking if remote access for rka is allowed by uid Fri Jan 26 10:18:14 2007 : Debug: rlm_ldap: Added password {CLEAR} dupa in check items Fri Jan 26 10:18:14 2007 : Debug: rlm_ldap: looking for check items in directory... Fri Jan 26 10:18:14 2007 : Debug: rlm_ldap: Adding userPassword as User-Password, value {CLEAR} dupa & op=21 Fri Jan 26 10:18:14 2007 : Debug: rlm_ldap: looking for reply items in directory... Fri Jan 26 10:18:14 2007 : Debug: rlm_ldap: user rka authorized to use remote access Fri Jan 26 10:18:14 2007 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0 Fri Jan 26 10:18:14 2007 : Debug: modsingle[authorize]: returned from ldap (rlm_ldap) for request 7 Fri Jan 26 10:18:14 2007 : Debug: modcall[authorize]: module "ldap" returns ok for request 7 Fri Jan 26 10:18:14 2007 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 7 Fri Jan 26 10:18:14 2007 : Debug: rlm_eap: EAP packet type response id 7 length 38 Fri Jan 26 10:18:14 2007 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Fri Jan 26 10:18:14 2007 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 7 Fri Jan 26 10:18:14 2007 : Debug: modcall[authorize]: module "eap" returns updated for request 7 Fri Jan 26 10:18:14 2007 : Debug: modcall: leaving group authorize (returns updated) for request 7 Fri Jan 26 10:18:14 2007 : Debug: rad_check_password: Found Auth-Type EAP Fri Jan 26 10:18:14 2007 : Debug: auth: type "EAP" Fri Jan 26 10:18:14 2007 : Debug: Processing the authenticate section of radiusd.conf Fri Jan 26 10:18:14 2007 : Debug: modcall: entering group authenticate for request 7 Fri Jan 26 10:18:14 2007 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 7 Fri Jan 26 10:18:14 2007 : Debug: rlm_eap: Request found, released from the list Fri Jan 26 10:18:14 2007 : Debug: rlm_eap: EAP/peap Fri Jan 26 10:18:14 2007 : Debug: rlm_eap: processing type peap Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_peap: Authenticate Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_tls: processing TLS Fri Jan 26 10:18:14 2007 : Debug: eaptls_verify returned 7 Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_tls: Done initial handshake Fri Jan 26 10:18:14 2007 : Debug: eaptls_process returned 7 Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_peap: EAPTLS_OK Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_peap: Session established. Decoding tunneled attributes. PEAP tunnel data in 0000: 02 07 00 0b 21 80 03 00 02 00 02 Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_peap: Received EAP-TLV response. Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_peap: Tunneled data is valid. Fri Jan 26 10:18:14 2007 : Debug: rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session. Fri Jan 26 10:18:14 2007 : Debug: rlm_eap: Handler failed in EAP/peap Fri Jan 26 10:18:14 2007 : Debug: rlm_eap: Failed in EAP select Fri Jan 26 10:18:14 2007 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 7 Fri Jan 26 10:18:14 2007 : Debug: modcall[authenticate]: module "eap" returns invalid for request 7 -- Rafal Kaminski http://blstream.com email: rafal.kaminski@blstream.com jid: rka@im.blstream.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
|
Linear Mode
