(RADIATOR) LDAP+md5

Hugh Irvine hugh at open.com.au
Tue Oct 28 03:13:01 CST 2003


Hello Deden -

You do not need the "{md5}" prefix on your password, as there is 
already the "$1$" prefix.

Please see section 13.1.1 in the Radiator 3.7.1 reference manual 
("doc/ref.html").

regards

Hugh


On 28/10/2003, at 8:01 PM, deden purnamahadi wrote:

> This is my config file :
>
> <Client DEFAULT>
>        Secret  mysecret
>        DupInterval 0
> </Client>
>
> <Realm DEFAULT>
>        RewriteUsername s/^([^@]+).*/$1/
>        <AuthBy LDAP2>
> #               NoDefault
>                Version         3
>                Host            mail
>                Port            389
>                AuthDN          cn=root,o=ISP,c=IX
>                AuthPassword    secret
>                BaseDN          o=ISP,c=IX
>                UsernameAttr    uid
>                PasswordAttr    userPassword
>                AuthAttrDef     servicetype,Service-Type,check
>                AuthAttrDef     address,Frame-IP-Address,reply
>        </AuthBy>
>
>        <AuthBy SQL>
>
>
>
> This is the error message when I try with user 'farida' password 
> 'farida' md5 encryption :
>
>
> Tue Oct 28 15:55:56 2003: DEBUG: Handling request with Handler 
> 'Realm=DEFAULT'
> Tue Oct 28 15:55:56 2003: DEBUG: Rewrote user name to farida
> Tue Oct 28 15:55:56 2003: DEBUG:  Deleting session for farida, 
> 203.63.154.1, 1234
> Tue Oct 28 15:55:56 2003: DEBUG: Handling with Radius::AuthLDAP2:
> Tue Oct 28 15:55:56 2003: INFO: Connecting to mail, port 389
> Tue Oct 28 15:55:56 2003: INFO: Attempting to bind to LDAP server 
> mail:389)
> Tue Oct 28 15:55:56 2003: DEBUG: LDAP got result for 
> uid=farida,ou=isp,o=topnet,c=ID
> Tue Oct 28 15:55:56 2003: DEBUG: LDAP got userPassword: 
> {md5}$1$41a6a36598a0acd0d0c3aac95edc7b35
> Tue Oct 28 15:55:56 2003: DEBUG: Radius::AuthLDAP2 looks for match 
> with farida
> Tue Oct 28 15:55:56 2003: DEBUG: Radius::AuthLDAP2 REJECT: Bad Password
> Tue Oct 28 15:55:56 2003: INFO: Connecting to mail, port 389
> Tue Oct 28 15:55:56 2003: INFO: Attempting to bind to LDAP server 
> mail:389)
> Tue Oct 28 15:55:56 2003: DEBUG: No entries for DEFAULT found in LDAP 
> database
> Tue Oct 28 15:55:56 2003: INFO: Access rejected for farida: Bad 
> Password
> Tue Oct 28 15:55:56 2003: DEBUG: Packet dump:
> *** Sending to 127.0.0.1 port 32864 ....
>
>
> Can anyone help?
>
>
> Thx in advance
>
>
>
> Warmest regards
>
>
> ddn
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
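
Added example, not part of the original message and not Radiator's own code: a Python shape check for stored password strings, run on the userPassword value from the trace above. It only inspects format markers ({scheme} prefixes and crypt-style $id$ markers); how Radiator interprets each one is covered by the reference manual section cited in the reply. The function name and the second sample value are constructed for illustration.

```python
import re

# "{scheme}" prefix as used on LDAP userPassword values, e.g. {md5}, {SSHA}
SCHEME_RE = re.compile(r"^\{([A-Za-z0-9-]+)\}")
# crypt(3)-style "$id$" marker; "$1$" identifies MD5-crypt
CRYPT_ID_RE = re.compile(r"^\$([0-9a-z]+)\$")
# Full MD5-crypt shape: $1$<salt, up to 8 chars>$<22 chars of ./0-9A-Za-z>
MD5_CRYPT_RE = re.compile(r"^\$1\$[./0-9A-Za-z]{0,8}\$[./0-9A-Za-z]{22}$")
HEX_MD5_RE = re.compile(r"^[0-9a-fA-F]{32}$")


def inspect_stored_password(value):
    """Return (markers, findings) for one stored password string."""
    markers, findings = [], []
    rest = value
    m = SCHEME_RE.match(rest)
    if m:
        markers.append("{" + m.group(1).lower() + "}")
        rest = rest[m.end():]
    m = CRYPT_ID_RE.match(rest)
    if m:
        markers.append("$" + m.group(1) + "$")
        if m.group(1) == "1" and not MD5_CRYPT_RE.match(rest):
            findings.append("$1$ marker present but value is not $1$salt$hash")
        if HEX_MD5_RE.match(rest[m.end():]):
            findings.append("payload after marker is 32 hex chars (raw MD5 shape)")
    if len(markers) > 1:
        findings.append("stacked format markers: " + " + ".join(markers))
    if not markers:
        findings.append("no format marker")
    return markers, findings


if __name__ == "__main__":
    samples = [
        # value logged in the trace above
        "{md5}$1$41a6a36598a0acd0d0c3aac95edc7b35",
        # constructed value with MD5-crypt shape (not a real hash)
        "$1$abcdefgh$ABCDEFGHIJKLMNOPQRSTUV",
    ]
    for s in samples:
        markers, findings = inspect_stored_password(s)
        print(s, markers, findings or ["ok"])
```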
