[RADIATOR] (no subject)
Jure Simundic
jure.simundic at gmail.com
Fri May 14 15:50:36 CDT 2010
Hi,
I would be very grateful if someone could help me with an LDAP authentication
problem. I am using Microsoft Active Directory LDAP on Windows Server 2003
as the user authentication database and the RADIATOR evaluation ver. 4.6. While
authenticating I receive the LDAP error message LDAP_OPERATIONS_ERROR and I
cannot find where the problem lies. This message means that library
initialization fails, but since this is the first time I am facing LDAP, as
a student, I don't know how to solve it, and on the Internet I could not find
satisfactory help for this. Usually, this LDAP is used on the department network
for users trying to log into a computer with their name (no realm), password
and domain name (lss-net). I am authenticating users in the form of
user@lss-net.lss.hr, but I strip the realm before entering LDAP and I take that
as the uid. Also, I don't enter the domain name parameter (lss-net) anywhere, which
users trying to log into a computer must write, as I've written above. (Could
this be the problem?)
I must say that I'm not sure whether I am using the correct UserAttr and
PasswordAttr for Microsoft AD LDAP, since the LDAP admin wasn't sure himself what
the attribute types for that were.
Configuration file:
Foreground
LogStdout
LogDir c:/Program Files/Radiator
DbDir c:/Program Files/Radiator
AuthPort 1812
AcctPort 1813
Trace 4
<Client DEFAULT>
Secret gfgfgfffg
DupInterval 0
</Client>
<Handler Realm= "lss-net.lss.hr">
RewriteUsername s/^([^@]+).*/$1/
<AuthBy LDAP2>
NoEAP
# LDAP-2 za Microsoft Active Directory
Version 3
Host IPaddress
Port 389
UsernameAttr uid
PasswordAttr passwd
BaseDN dc=lss-net
Scope sub
ServerChecksPasswordSS
NoDefault
AddToReply Framed-Protocol = PPP,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Framed-Compression = Van-Jacobson-TCP-IP
</AuthBy>
</Handler>
Debug:
*** Received from 161.xxxxxxxx port 1812 ....
Code: Access-Request
Identifier: 11
Authentic: /<15>1D<15><128><190>1<136><151><0> <141>xI<22>
Attributes:
NAS-IP-Address = 161.xxxxx
NAS-Port-Type = Async
User-Name = "jsimundic at lss-net.lss.hr"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "00-50-bf-ee-be-bc"
EAP-Message = <2><0><0><29><1>jsimundic at lss-net.lss.hr
Message-Authenticator =
0<170><132>x<226><174><245><205><168><243>5<3><237>\zs
Fri May 14 14:49:50 2010: DEBUG: Handling request with Handler 'Realm= "
lss-net.lss.hr"'
Fri May 14 14:49:50 2010: DEBUG: Rewrote user name to jsimundic
Fri May 14 14:49:50 2010: DEBUG: Deleting session for
jsimundic at lss-net.lss.hr, 161.xxxxxxx,
Fri May 14 14:49:50 2010: DEBUG: Handling with Radius::AuthLDAP2:
Fri May 14 14:49:50 2010: INFO: Connecting to 161.53.xxxx:389
Fri May 14 14:49:50 2010: INFO: Attempting to bind to LDAP server
161.53.xxxxx:389
Fri May 14 14:49:50 2010: *ERR: ldap search for (uid=jsimundic) failed with
error LDAP_OPERATIONS_ERROR.*
Fri May 14 14:49:50 2010: ERR: Disconnecting from LDAP server (server
161.53.xxxx:389).
Fri May 14 14:49:50 2010: DEBUG: AuthBy LDAP2 result: IGNORE, User database
access error
Jure šimundić
---
Student at Faculty of Electrical Engineering and Computing in Zagreb