(RADIATOR) problem authenticating with LDAP

Hugh Irvine hugh at open.com.au
Sun Aug 17 22:26:06 CDT 2003


Hello Cary -

Thanks for your mail.

The AuthDN and the AuthPassword are the administrative username and 
password to get access to the LDAP database. This must be an LDAP user 
who has permission to access and query the LDAP database.

regards

Hugh


On Saturday, Aug 16, 2003, at 01:40 Australia/Melbourne, Sampson, Cary 
wrote:

> I am having a problem getting Radiator to authenticate to my OpenLDAP 
> server.  It seems to be a problem locating the user in LDAP.  The user 
> is in the LDAP database and I can authenticate a Linux box from it 
> with the same user. I have included my LDAP entry from radius.cfg and 
> the entry in the Radiator log file.
>
> I am new to LDAP and Radiator so please forgive me if this is a dumb 
> question.
>
> Any help would be appreciated.
>
> <AuthBy LDAP2>
>  AuthDN cn=Manager,dc=myschool,dc=edu
>  AuthPassword secret
>  BaseDN dc=myschool,cd=edu
>  Debug
>  Host 127.0.0.1
>  Identifier ID_0
>  PasswordAttr userPassword
>  Port 389
>  ServerChecksPassword
>  UsernameAttr uid
> </AuthBy>
>
> Code:      Access-Request
> Identifier: 237
> Authentic: 1234567890123456
> Attributes:
>      User-Name = "csampson"
>      Service-Type = Framed-User
>      NAS-IP-Address = 156.89.129.200
>      NAS-Port = 1234
>      Called-Station-Id = "123456789"
>      Calling-Station-Id = "987654321"
>      NAS-Port-Type = Async
>      Framed-IP-Address = 156.89.64.24
>      User-Password = "<237>m<194><155>vi<135><208>\~b<157><156>F]<177>"
>
> Fri Aug 15 08:17:42 2003: DEBUG: Handling request with Handler 'Realm=DEFAULT'
> Fri Aug 15 08:17:42 2003: DEBUG: Deleting session for csampson, 156.89.129.200, 1234
> Fri Aug 15 08:17:42 2003: DEBUG: Handling with Radius::AuthLDAP2: ID_0
> Fri Aug 15 08:17:42 2003: INFO: Connecting to 127.0.0.1, port 389
> Fri Aug 15 08:17:42 2003: INFO: Attempting to bind with cn=Manager,dc=myschool,dc=edu, secret (server 127.0.0.1:389)
> Fri Aug 15 08:17:42 2003: ERR: ldap search failed with error LDAP_NO_SUCH_OBJECT.
> Fri Aug 15 08:17:42 2003: DEBUG: Radius::AuthLDAP2 looks for match with csampson
> Fri Aug 15 08:17:42 2003: ERR: ldap search failed with error LDAP_NO_SUCH_OBJECT.
> Fri Aug 15 08:17:42 2003: INFO: Access rejected for csampson: No such user
> Fri Aug 15 08:17:42 2003: DEBUG: Packet dump:
> *** Sending to 156.89.64.35 port 33497 ....
> Code:      Access-Reject
> Identifier: 237
> Authentic: 1234567890123456
> Attributes:
>      Reply-Message = "Request Denied"

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
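
Added example (not part of the original thread, and not Radiator code): LDAP_NO_SUCH_OBJECT is the result an LDAP server returns when the search base entry does not exist, so a useful check on a clause like the one quoted above is whether BaseDN is well-formed and sits under the same dc= suffix as AuthDN. The function names, the KNOWN_RDN_TYPES set and the suffix heuristic are assumptions made for this example.

```python
import re

# Constructed sample: the DN-related lines of the <AuthBy LDAP2> clause quoted above.
SAMPLE_CONFIG = """\
<AuthBy LDAP2>
 AuthDN cn=Manager,dc=myschool,dc=edu
 AuthPassword secret
 BaseDN dc=myschool,cd=edu
 Host 127.0.0.1
 UsernameAttr uid
</AuthBy>
"""

# Assumption: RDN attribute types this directory uses (not a list from Radiator).
KNOWN_RDN_TYPES = {"c", "cn", "dc", "l", "o", "ou", "st", "uid"}


def parse_authby(text):
    """Return {keyword: value} for the first <AuthBy LDAP2> clause."""
    m = re.search(r"<AuthBy\s+LDAP2>(.*?)</AuthBy>", text, re.S | re.I)
    if not m:
        raise ValueError("no <AuthBy LDAP2> clause found")
    params = {}
    for line in m.group(1).splitlines():
        key, _, value = line.strip().partition(" ")
        if key and not key.startswith("#"):
            params[key] = value.strip()
    return params


def split_dn(dn):
    """Split a simple DN into lowercased (type, value) pairs (no escaped commas)."""
    return [tuple(p.strip().lower() for p in rdn.partition("=")[::2])
            for rdn in dn.split(",")]


def lint_ldap_dns(params):
    """Flag DN problems that make the search base unresolvable."""
    findings = []
    for key in ("AuthDN", "BaseDN"):
        for rdn_type, value in split_dn(params.get(key, "")):
            if not value or rdn_type not in KNOWN_RDN_TYPES:
                findings.append(f"{key}: unexpected RDN '{rdn_type}={value}'")
    # Heuristic: the bind DN normally lives under the same dc= suffix as the base.
    suffix = [r for r in split_dn(params.get("AuthDN", "")) if r[0] == "dc"]
    base = split_dn(params.get("BaseDN", ""))
    if suffix and base[-len(suffix):] != suffix:
        findings.append("BaseDN does not end with the dc= suffix of AuthDN")
    return findings


if __name__ == "__main__":
    for finding in lint_ldap_dns(parse_authby(SAMPLE_CONFIG)):
        print("WARN", finding)
```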
