[RADIATOR] Add UsernameMatchesWithoutRealm to Auth by LSA
Sami Keski-Kasari
samikk at archred.com
Wed Nov 17 11:21:18 CST 2010
Hi Neil,
As you can see, it is actually working, but it says:
User is not a member of any Group: radtest [radtest at uiowa.edu]
So I think that problem is with your group checking.
--
Sami
"Johnson, Neil M" <neil-johnson at uiowa.edu> wrote:
>Hmmm, it appears to be in the source code, but doesn't seem to work.
>Something to do with group checking ?
>
>-Neil
>
>
>Wed Nov 17 10:55:20 2010: DEBUG: Handling request with Handler
>'TunnelledByPEAP=1', Identifier ''
>Wed Nov 17 10:55:20 2010: DEBUG: Deleting session for
>radtest at uiowa.edu, 128.255.11.74, 18433
>Wed Nov 17 10:55:20 2010: DEBUG: Handling with Radius::AuthLSA:
>Wed Nov 17 10:55:20 2010: DEBUG: Handling with EAP: code 2, 10, 72, 26
>Wed Nov 17 10:55:20 2010: DEBUG: Response type 26
>Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthLSA looks for match with
>radtest [radtest at uiowa.edu]
>Wed Nov 17 10:55:20 2010: DEBUG: Checking LSA Group membership for
>\\IOWADC1, ITS-WIRELESS-IOWA, radtest at uiowa.edu
>Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthLSA REJECT: AuthBy LSA
>User is not a member of any Group: radtest [radtest at uiowa.edu]
>Wed Nov 17 10:55:20 2010: DEBUG: EAP result: 1, EAP MSCHAP V2 failed:
>no such user radtest
>Wed Nov 17 10:55:20 2010: DEBUG: AuthBy LSA result: REJECT, EAP MSCHAP
>V2 failed: no such user radtest
>Wed Nov 17 10:55:20 2010: DEBUG: Handling with Radius::AuthLSA:
>Wed Nov 17 10:55:20 2010: DEBUG: Handling with EAP: code 2, 10, 72, 26
>Wed Nov 17 10:55:20 2010: DEBUG: Response type 26
>Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthLSA looks for match with
>radtest [radtest at uiowa.edu]
>Wed Nov 17 10:55:20 2010: DEBUG: Checking LSA Group membership for
>\\IOWADC1, ITS-WIRELESS-QUARANTINE, radtest at uiowa.edu
>Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthLSA REJECT: AuthBy LSA
>User is not a member of any Group: radtest [radtest at uiowa.edu]
>Wed Nov 17 10:55:20 2010: DEBUG: EAP result: 1, EAP MSCHAP V2 failed:
>no such user radtest
>Wed Nov 17 10:55:20 2010: DEBUG: AuthBy LSA result: REJECT, EAP MSCHAP
>V2 failed: no such user radtest
>Wed Nov 17 10:55:20 2010: DEBUG: Handling with Radius::AuthFILE:
>Wed Nov 17 10:55:20 2010: DEBUG: Handling with EAP: code 2, 10, 72, 26
>Wed Nov 17 10:55:20 2010: DEBUG: Response type 26
>Wed Nov 17 10:55:20 2010: DEBUG: Reading users file c:\Program
>Files\Radiator/eduroam_test_users
>Wed Nov 17 10:55:20 2010: DEBUG: Radius::AuthFILE looks for match with
>radtest at uiowa.edu [radtest at uiowa.edu]
>Wed Nov 17 10:55:21 2010: DEBUG: Radius::AuthFILE REJECT: No such user:
>radtest at uiowa.edu [radtest at uiowa.edu]
>Wed Nov 17 10:55:21 2010: DEBUG: EAP result: 1, EAP MSCHAP V2 failed:
>no such user radtest at uiowa.edu
>Wed Nov 17 10:55:21 2010: DEBUG: AuthBy FILE result: REJECT, EAP MSCHAP
>V2 failed: no such user radtest at uiowa.edu
>Wed Nov 17 10:55:21 2010: INFO: Access rejected for radtest at uiowa.edu:
>EAP MSCHAP V2 failed: no such user radtest at uiowa.edu
>Wed Nov 17 10:55:21 2010: DEBUG: PostProcessing Hook: called.
>Wed Nov 17 10:55:21 2010: DEBUG: Returned PEAP tunnelled packet dump:
>Code: Access-Reject
>
>--
>Neil Johnson
>Network Engineer
>Information Technology Services
>The University of Iowa
>319 384-0938
>neil-johnson at uiowa.edu
>
>
>> -----Original Message-----
>> From: radiator-bounces at open.com.au [mailto:radiator-
>> bounces at open.com.au] On Behalf Of Johnson, Neil M
>> Sent: Wednesday, November 17, 2010 10:39 AM
>> To: radiator at open.com.au
>> Subject: [RADIATOR] Add UsernameMatchesWithoutRealm to Auth by LSA
>>
>>
>> Would it be possible to add the "UsernameMatchesWithoutRealm" to the
>> "AuthBy LSA" method ?
>>
>> -Neil
>>
>>
>> --
>> Neil Johnson
>> Network Engineer
>> Information Technology Services
>> The University of Iowa
>> 319 384-0938
>> neil-johnson at uiowa.edu
>>
>>
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>_______________________________________________
>radiator mailing list
>radiator at open.com.au
>http://www.open.com.au/mailman/listinfo/radiator
--
Sami
More information about the radiator
mailing list