'=?koi8-r?Q?FreeRadius_1.1.4_and_rlm=5Fkrb5_and_Active_Directory?='

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    =?koi8-r?Q?FreeRadius_1.1.4_and_rlm=5Fkrb5_and_Active_Directory?=
From:       Kozlov Artem <cl_5 () mail ! ru>
Date:       2007-02-28 13:30:39
Message-ID: E1HMOtD-000Cf2-00.cl_5-mail-ru () f92 ! mail ! ru
[Download RAW message or body]


 Hi!

 I'm trying to configure freeradius with rlm_krb5 using mini howto from Enrik Berkhan \
http://archives.free.net.ph/message/20060104.153134.68c5be76.en.html  , but i have \
some troubles.

 when i type
 radtest user@office.ru userpass localhost 10 testing123

 i got:

 Sending Access-Request of id 145 to 127.0.0.1 port 1812
         User-Name = "user@office.ru"
         User-Password = "userpass"
         NAS-IP-Address = 255.255.255.255
         NAS-Port = 10
 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id5, length 

 and radius log:

 Nothing to do.  Sleeping until we see a request.
 rad_recv: Access-Request packet from host 127.0.0.1:53441, id5, length5
         User-Name = "user@office.ru"
         User-Password = "userpass"
         NAS-IP-Address = 255.255.255.255
         NAS-Port = 10
   Processing the authorize section of radiusd.conf
  modcall: entering group authorize for request 3
   modcall[authorize]: module "preprocess" returns ok for request 3
   modcall[authorize]: module "chap" returns noop for request 3
   modcall[authorize]: module "mschap" returns noop for request 3
     rlm_realm: Looking up realm "office.ru" for User-Name = "user@office.ru"
     rlm_realm: No such realm "office.ru"
   modcall[authorize]: module "suffix" returns noop for request 3
   rlm_eap: No EAP-Message, not doing EAP
   modcall[authorize]: module "eap" returns noop for request 3
     users: Matched entry DEFAULT at line 152
   modcall[authorize]: module "files" returns ok for request 3
 rlm_pap: WARNING! No "known good" password found for the user.  Authentication may \
fail because of this.  modcall[authorize]: module "pap" returns noop for request 3
 modcall: leaving group authorize (returns ok) for request 3
   rad_check_password:  Found Auth-Type krb
 auth: type "krb"
   Processing the authenticate section of radiusd.conf
 modcall: entering group krb for request 3
 rlm_krb5: Parsed name is: user@office.ru
 rlm_krb5: failed verify_user: Unknown error -1765328343 (user@office.ru )
   modcall[authenticate]: module "krb5" returns reject for request 3
 modcall: leaving group krb (returns reject) for request 3
 auth: Failed to validate the user.
 Login incorrect: [user@office.ru/userpass] (from client localhost port 10)
 Delaying request 3 for 1 seconds
 Finished request 3
 Going to the next request
 --- Walking the entire request list ---
 Waking up in 1 seconds...
 --- Walking the entire request list ---
 Sending Access-Reject of id 145 to 127.0.0.1 port 53441
 Waking up in 4 seconds...
 --- Walking the entire request list ---
 Cleaning up request 3 ID 145 with timestamp 45e576ce

 Somebody has experience of such adjustment?




-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic