[RADIATOR] LDAP is not authenticating when the username cotains DOT or password cotains #

Aboo Vattem. Kandathil aboovattem.kandathil at sps.net.sa
Wed Feb 25 01:51:46 CST 2009 

Hello,

Thanks for the reply.

The operating System is: Windows XP SP2

The version of Radiator is 4.0 as per the log file (NOTICE: Server
started: Radiator 4.0 on web-16)

Version of PERL is: 

This is perl, v5.8.7 built for MSWin32-x86-multi-thread
(with 14 registered patches, see perl -V for more detail)

The authentication not successful when the password contains some
special characters.

Please find the attached text files.

The first file " 1_authenticated.txt" is the debug script while a
successful authentication is happened. [In this case the password was a
combination of letters and numbers]

The second file " 2_notauthenticated.txt" is the debug script when the
password is with some letters and special characters. [The password I
used is: Aaaa!@#$%^  ]

Initially I was thinking that the authentication was not successful due
to a dot came on the username. It is not related to that.

Note:- I am using radpwtst from the command prompt to test the
authentication. 

Thanks and Regards,

Aboo Vattem Kandathil

-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au] 
Sent: Wednesday, February 25, 2009 1:27 AM
To: Aboo Vattem. Kandathil
Cc: radiator at open.com.au
Subject: [BULK] Re: [RADIATOR] LDAP is not authenticating when the
username cotains DOT or password cotains #
Importance: Low


Hello Aboo Vattem Kandathil -

Could you please add "Debug 255" to your AuthBy LDAP2 clause, then run  
radiusd like this in a terminal window so we can see what is happening:

	cd /your/Radiator/source/distribution

	perl radiusd -foreground -log_stdout -trace 4 -config_file
/your/ 
Radiator/configuration/file

	.....

You will need to use your local pathnames in the above of course.

Can you also please tell me what hardware/software platform you are  
running on, and what versions of Radiator and Perl?

regards

Hugh


On 24 Feb 2009, at 20:27, Aboo Vattem. Kandathil wrote:

> Hello,
>
> Can anyone please help me to configure the LDAP authentication in a  
> generic way.
>
> The below is the configuration which I am using currently to do the  
> authentication.
>
> <AuthBy LDAP2>
>                 Host                       jed-adr.sps.net.sa
>  		AuthDN                                
> cn=testun,ou=headoffice,ou=Employees,dc=mydomain,dc=com
> 		AuthPassword Ab00123456
> 		BaseDN                                %0=%1,  
> ou=headoffice,ou=Employees,dc=mydomain,dc=com
> 		UsernameAttr   cn
> 		ServerChecksPassword
> 		PasswordAttr    userPassword
> 		HoldServerConnection
> 		AddToReply Framed-Protocol = PPP,\
>                                 Framed-IP-Netmask = 255.255.255.255,\
>                                 Framed-Routing = None,\
>                                 Framed-MTU = 1500,\
>                                                 Framed-Compression =  
> Van-Jacobson-TCP-IP
> 		Timeout 8
> 		Version 3
> </AuthBy>
>
> It works fine if I use a username without any DOT in it. I have  
> active directory username with dot in the username for example:  
> headoffice.user1
>
> Also I face problem with user password. If the user password  
> contains with # symbol it is not authenticating.
>
>
>
>
> Thanks and Regards,
>
> Aboo Vattem Kandathil
> <image001.jpg>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive
(www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 1_authenticated.txt
URL: <http://www.open.com.au/pipermail/radiator/attachments/20090225/741f5982/attachment-0002.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 2_notauthenticated.txt
URL: <http://www.open.com.au/pipermail/radiator/attachments/20090225/741f5982/attachment-0003.txt>

More information about the radiator mailing list