(RADIATOR) GetNovellUP problem

Mike McCauley mikem at open.com.au
Thu Jul 14 04:56:50 CDT 2005 

Hello Michal,

Looks like there is aproblem with the LDAP extension support in your Net::LDAP 
module. What verison of  Net::LDAP do you have installed?

Cheers.


On Thursday 14 July 2005 19:09, Michal Marciniszyn wrote:
> Hello,
>
> I have problem with PEAP-MsCHAPv2 authorization against Novell
> eDirectory LDAP server. Radiator connects to eDirectory with no problem,
> it gains all parameters from db, but not the Universal Password, thought
> it is set. After I set up some debugging I came out with following log:
>
> Wed Jul 13 13:24:02 2005: ERR: get_edir_password for
> cn=TSTOIS1,ou=ICT,ou=HSP,o=EDU could not do LDAP extension:
> LDAP_PROTOCOL_ERROR
> Wed Jul 13 13:24:02 2005: DEBUG: Got Novell Universal Password:
> Wed Jul 13 13:24:02 2005: DEBUG: Radius::AuthLDAP2 looks for match with
> tstois1
> Wed Jul 13 13:24:02 2005: DEBUG: Radius::AuthLDAP2 REJECT: Bad Encrypted
> password
> Wed Jul 13 13:24:02 2005: DEBUG: No entries for DEFAULT found in LDAP
> database
> Wed Jul 13 13:24:02 2005: DEBUG: AuthBy LDAP2 result: REJECT, Bad
> Encrypted password
> Wed Jul 13 13:24:02 2005: INFO: Access rejected for tstois1: Bad
> Encrypted password
> Wed Jul 13 13:24:02 2005: DEBUG: Packet dump:
> *** Sending to 10.24.10.61 port 32769 ....
>
> Packet length = 36
> 03 e2 00 24 00 e8 8b 24 e5 0e 2d 9c 6a 01 16 ef
> c9 71 92 af 12 10 52 65 71 75 65 73 74 20 44 65
> 6e 69 65 64
> Code:       Access-Reject
> Identifier: 226
> Authentic:  1234567890123456
> Attributes:
>         Reply-Message = "Request Denied"
>
> My LDAP config looks like:
>
> <AuthBy LDAP2>
>         Identifier      CheckLDAP
>
>         Host            10.24.4.11
>         Port            636
>
>         AuthDN          cn=tstois1,ou=ict,ou=hsp,o=edu
>         AuthPassword    XXXXX
>
>
>         BaseDN          o=edu
>         UsernameAttr    uid
>         GetNovellUP
>
>         EAPType         PEAP,TTLS,TLS,MSCHAP-V2,MD5,MD5-Challenge,PAP
>
>         UseSSL
>         SSLCAFile               /etc/radiator/edu1.pem
>
>         HoldServerConnection
>         Timeout                 2
>         FailureBackoffTime      30
>         Version 3
> </AuthBy>
>
> Is the problem Radiator issue, or something is wrongly set in eDirectory
> and if what?
>
> Thanks for help
>
> Michal Marciniszyn
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list