[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: freeradius and 2 ldap servers
From: "sumi thra" <sumi.techno () gmail ! com>
Date: 2006-04-28 4:20:47
Message-ID: b3f2d4780604272108l6423b9f3x4dfb0ac21b29bc4a () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hey,
Thanks for your reply. After doing that, im getting some other error message
like this..
modcall[authorize]: module "ldap_primary" returns ok for request 5
modcall: leaving group redundant (returns ok) for request 5
rlm_eap: EAP packet type response id 5 length 71
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
modcall: leaving group authorize (returns updated) for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: Request not found in the list
rlm_eap: Either EAP-request timed out OR EAP-response to an unknown
EAP-request
rlm_eap: Failed in handler
modcall[authenticate]: module "eap" returns invalid for request 5
modcall: leaving group authenticate (returns invalid) for request 5
auth: Failed to validate the user.
Any idea ??
On 4/28/06, Terry J Fike Jr <tfike@mtasolutions.com> wrote:
>
> Okay, i'm probably being a little dense here but just wanted to check
> i'm understanding this correctly.
>
> if i'm running 2 ldap servers; in the users file, do i need a default
> entry for each ldap server?
>
> for example:
> moving from a line like this with a single ldap server:
>
> DEFAULT Huntgroup-Name == People, Ldap-Group == dial, User-Profile :=
> "uid=dial,ou=profiles,ou=radius,dc=mtaonline,dc=net", Ldap-UserDN :=
> `uid=%{User-Name},ou=People,dc=mtaonline,dc=net`
> Fall-Through = no
>
> to two lines like this:
>
> DEFAULT Huntgroup-Name == People, Ldap_primary-Ldap-Group == dial,
> User-Profile := "uid=dial,ou=profiles,ou=radius,dc=mtaonline,dc=net",
> Ldap-UserDN := `uid=%{User-Name},ou=People,dc=mtaonline,dc=net`
> Fall-Through = no
>
> DEFAULT Huntgroup-Name == People, Ldap_secondary-Ldap-Group == dial,
> User-Profile := "uid=dial,ou=profiles,ou=radius,dc=mtaonline,dc=net",
> Ldap-UserDN := `uid=%{User-Name},ou=People,dc=mtaonline,dc=net`
> Fall-Through = no
>
> assuming your ldap instatiations are ldap_primary and ldap_secondary
> respectively.
>
> thanks in advance
> t-
>
> --
> Terry J Fike Jr
> System Administrator
> MTA Solutions
> 907-793-4100
> tfike@mtasolutions.com
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
[Attachment #5 (text/html)]
Hey,<br><br>Thanks for your reply. After doing that, im getting some other error \
message like this..<br><br>modcall[authorize]: module "ldap_primary" \
returns ok for request 5<br>modcall: leaving group redundant (returns ok) for \
request 5 <br> rlm_eap: EAP packet type response id 5 length 71<br> \
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<br> \
modcall[authorize]: module "eap" returns updated for request 5<br>modcall: \
leaving group authorize (returns updated) for request 5 <br> \
rad_check_password: Found Auth-Type EAP<br>auth: type "EAP"<br> \
Processing the authenticate section of radiusd.conf<br>modcall: entering group \
authenticate for request 5<br> rlm_eap: Request not found in the list \
<br>rlm_eap: Either EAP-request timed out OR EAP-response to an unknown \
EAP-request<br> rlm_eap: Failed in handler<br> modcall[authenticate]: \
module "eap" returns invalid for request 5<br>modcall: leaving group \
authenticate (returns invalid) for request 5 <br>auth: Failed to validate the \
user.<br><br>Any idea ?? <br><br><div><span class="gmail_quote">On 4/28/06, <b \
class="gmail_sendername">Terry J Fike Jr</b> <<a \
href="mailto:tfike@mtasolutions.com">tfike@mtasolutions.com </a>> \
wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, \
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Okay, i'm probably being a \
little dense here but just wanted to check<br> i'm understanding this \
correctly.<br><br>if i'm running 2 ldap servers; in the users file, do i need a \
default<br>entry for each ldap server?<br><br>for example:<br>moving from a line like \
this with a single ldap server:<br> <br>DEFAULT Huntgroup-Name == People, Ldap-Group \
== dial, User-Profile \
:=<br>"uid=dial,ou=profiles,ou=radius,dc=mtaonline,dc=net", Ldap-UserDN \
:=<br>`uid=%{User-Name},ou=People,dc=mtaonline,dc=net`<br> \
Fall-Through = no <br><br>to two lines like this:<br><br>DEFAULT Huntgroup-Name == \
People, Ldap_primary-Ldap-Group == dial,<br>User-Profile := \
"uid=dial,ou=profiles,ou=radius,dc=mtaonline,dc=net",<br>Ldap-UserDN := \
`uid=%{User-Name},ou=People,dc=mtaonline,dc=net` \
<br> Fall-Through = no<br><br>DEFAULT \
Huntgroup-Name == People, Ldap_secondary-Ldap-Group == dial,<br>User-Profile := \
"uid=dial,ou=profiles,ou=radius,dc=mtaonline,dc=net",<br>Ldap-UserDN := \
`uid=%{User-Name},ou=People,dc=mtaonline,dc=net` \
<br> Fall-Through = \
no<br><br>assuming your ldap instatiations are ldap_primary and \
ldap_secondary<br>respectively.<br><br>thanks in advance<br>t-<br><br>--<br>Terry J \
Fike Jr<br>System Administrator<br>MTA Solutions <br>907-793-4100<br><a \
href="mailto:tfike@mtasolutions.com">tfike@mtasolutions.com</a><br>-<br>List \
info/subscribe/unsubscribe? See <a \
href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html
</a><br></blockquote></div><br>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic