(RADIATOR) Authentication problem with Radiator 2.19 and OpenLDAP 2.0.28

Stephen Davies stephen at brightonline.com.au
Mon Feb 18 02:52:47 CST 2002 

Hi,

I am trying to set radiator to authenticate against and OpenLDAP database version 2.0.28

Openldap is working fine with everything else, including my telnet and webmail (written in perl) access.

When I try to run radpwtst I get the error in the logfile as:

*** Received from 127.0.0.1 port 46475 ....
Code:       Access-Request
Identifier: 118
Authentic:  1234567890123456
Attributes:
        User-Name = "stephen"
        Service-Type = Framed-User
        NAS-IP-Address = 203.63.154.1
        NAS-Port = 1234
        Called-Station-Id = "123456789"
        Calling-Station-Id = "987654321"
        NAS-Port-Type = Async
        User-Password = "<250><5>p<185><25><233>$<168>qd<2><25>z%<133><129>"

Mon Feb 18 16:49:13 2002: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Feb 18 16:49:13 2002: DEBUG:  Deleting session for stephen, 203.63.154.1, 12
34
Mon Feb 18 16:49:13 2002: DEBUG: Handling with Radius::AuthLDAP2:
Mon Feb 18 16:49:13 2002: INFO: Connecting to ldap.brightonline.com.au, port 389
Mon Feb 18 16:49:13 2002: INFO: Attempting to bind with cn=XXXXX,dc=brightonline
,dc=com,dc=au, XXXXXXX (server ldap.brightonline.com.au:389)
Mon Feb 18 16:49:13 2002: DEBUG: LDAP got result for uid=stephen, ou=Brighteam,
dc=brightonline, dc=com, dc=au
Mon Feb 18 16:49:13 2002: DEBUG: LDAP got userPassword: {CRYPT}s4LYe7mPaoXHA
Mon Feb 18 16:49:13 2002: DEBUG: Radius::AuthLDAP2 looks for match with stephen
Mon Feb 18 16:49:13 2002: DEBUG: Radius::AuthLDAP2 REJECT: Bad Password
Mon Feb 18 16:49:13 2002: INFO: Connecting to ldap.brightonline.com.au, port 389
Mon Feb 18 16:49:13 2002: INFO: Attempting to bind with cn=admin,dc=brightonline
,dc=com,dc=au, witchhunt (server ldap.brightonline.com.au:389)
Mon Feb 18 16:49:13 2002: DEBUG: No entries for DEFAULT found in LDAP database
Mon Feb 18 16:49:13 2002: INFO: Access rejected for stephen: Bad Password
Mon Feb 18 16:49:13 2002: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 46475 ....
Code:       Access-Reject
Identifier: 118
Authentic:  1234567890123456
Attributes:
        Reply-Message = "Request Denied"


LDAP portion of radius.cfg file reads as:

       <AuthBy LDAP2>
               ServerChecksPassword

               Host            ldap.brightonline.com.au
               Port            389
               AuthDN          cn=XXXXX, dc=brightonline,dc=com,dc=au
               AuthPassword    XXXXXXX
               BaseDN          dc=brightonline,dc=com,dc=au
               UsernameAttr    uid
               PasswordAttr    userPassword
       </AuthBy>


I have also tried SeverChecksPassword off, and EncryptedPasswordAttr instead of PasswordAttr

Some suggestions on the list have been setting the -secret. This has been done.


My environment is:
perl 5.6.1
perl-ldap 0.25
radiator 2.19
openldap 2.0.28

Regards

Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20020218/6ddcde58/attachment.html>

More information about the radiator mailing list