(RADIATOR) Anonymous rejected with PEAP and LDAP authentication

John McFadden dasjlm at uwo.ca
Thu Apr 3 10:02:12 CST 2003


I'm having a small problem getting PEAP to work with OpenLDAP.

It appears my userid credentials get accepted but the anonymous user 
gets rejected.


Thu Apr  3 11:00:12 2003: DEBUG: Handling request with Handler 
'TunnelledByPEAP=1'
Thu Apr  3 11:00:12 2003: DEBUG:  Deleting session for , 129.100.1.145, 29
Thu Apr  3 11:00:12 2003: DEBUG: Handling with Radius::AuthLDAP2:
Thu Apr  3 11:00:12 2003: DEBUG: Handling with EAP: code 2, 70, 61
Thu Apr  3 11:00:12 2003: DEBUG: Response type 26
Thu Apr  3 11:00:12 2003: INFO: Connecting to 129.100.3.19, port 389
Thu Apr  3 11:00:12 2003: INFO: Attempting to bind with ,  (server 
129.100.3.19:389)
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got result for 
uid=dasjlm,ou=People,dc=its,dc=uwo,dc=ca
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got uid: dasjlm
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got cn: John McFadden
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got objectClass: account 
posixAccount top shadowAccount
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got shadowMax: 99999
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got shadowWarning: 7
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got loginShell: /bin/bash
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got uidNumber: 14257
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got gidNumber: 134
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got homeDirectory: /home/dasjlm
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got gecos: John McFadden
Thu Apr  3 11:00:12 2003: DEBUG: LDAP got userPassword: 
{MD5}1Jbzp9vuY3lJ/SrbMnoaDQ==
Thu Apr  3 11:00:12 2003: DEBUG: Radius::AuthLDAP2 looks for match with 
dasjlm
Thu Apr  3 11:00:12 2003: DEBUG: Radius::AuthLDAP2 ACCEPT:
Thu Apr  3 11:00:12 2003: INFO: Access rejected for anonymous: EAP 
MSCHAP-V2 Authentication failure


Does this mean I need to add an anonymous userid to OpenLDAP?

If so I assume it has to be an id with no password?

Any other methods to do this?

Thanks in advance.
John McFadden


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list