LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices

Reply
 
LinkBack Search this Thread
Old 09-22-2007, 08:46 AM   #1
sachin1361
Member
 
Registered: Feb 2007
Posts: 126

Rep: Reputation: 15
LDAP & RADIUS integration


Please find below the LDAP and RADIUS conf of my RHEL-5 Server. I hace been integrating LDAP with RADIUS. But when I query through radtest command (check last command below), it displays error msg.Access-Reject.
the user name which I used in below conf is manu.I have created one more test user, named abc and set to Auth-Type = System, ot works fine. I think LDAP is not integrated with RADIUS.

Please check the error and highlight me errors in conf files.

[root@test4 bin]# radiusd -X -A


rad_recv: Access-Request packet from host 127.0.0.1:32956, id=68, length=56
User-Name = "manu"
User-Password = "manu"
NAS-IP-Address = 255.255.255.255
NAS-Port = 2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
modcall[authorize]: module "mschap" returns noop for request 3
rlm_realm: No '@' in User-Name = "manu", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 3
users: Matched entry manu at line 86
modcall[authorize]: module "files" returns ok for request 3
rlm_ldap: - authorize
rlm_ldap: performing user authorization for manu
radius_xlat: '(uid=manu)'
radius_xlat: 'dc=example,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=example,dc=com, with filter (uid=manu)
rlm_ldap: no dialupAccess attribute - access denied by default
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns userlock for request 3
modcall: leaving group authorize (returns userlock) for request 3
Delaying request 3 for 1 seconds
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 68 to 127.0.0.1 port 32956
Reply-Message = "Hello Manu"
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 3 ID 68 with timestamp 46f5163e
Nothing to do. Sleeping until we see a request.


[root@test4 ~]# vi /etc/raddb/users

manu Auth-Type := LDAP
# Reply-Message = "Sorry Manu"

DEFAULT Auth-Type = System
Fall-Through = 1

DEFAULT Auth-Type = LDAP
Fall-Through = 1


[root@test4 ~]# vi /etc/raddb/clients.conf

client 172.16.2.0/24 {
secret = jumbo
shortname = anything
}


[root@test4 ~]# vi /etc/raddb/radiusd.conf

ldap {
server = "localhost"
basedn = "dc=example,dc=com"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
password_attribute = userPassword
}

[root@test4 ~]# radtest manu manu localhost 2 testing123
Sending Access-Request of id 91 to 127.0.0.1 port 1812
User-Name = "manu"
User-Password = "manu"
NAS-IP-Address = 255.255.255.255
NAS-Port = 2
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=91, length=32
Reply-Message = "Hello Manu"
[root@test4 ~]#


This is the output of ldapsearch command which I think that LDAP is running fine.

[root@test4 ~]# ldapsearch -x -b 'dc=example,dc=com' '(objectclass=*)'
manu, People, example.com
dn: uid=manu,ou=People,dc=example,dc=com
uid: manu
cn: manu
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQxJEJ5VmxSRHUzJEpVMHBqM0MwRm5BNXRDZUlyc2dTeS4=
shadowLastChange: 13778
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 509
gidNumber: 509
homeDirectory: /home/manu

# search result
search: 2
result: 0 Success

# numResponses: 9
# numEntries: 8
[root@test4 ~]#
 
Old 09-24-2007, 03:21 AM   #2
sachin1361
Member
 
Registered: Feb 2007
Posts: 126

Original Poster
Rep: Reputation: 15
ldap

Problem Solved

Thanx
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Ldap Radius Auth... tmolise Linux - General 1 11-02-2006 04:12 AM
Ldap Radius Authentication tmolise Linux - Software 0 11-01-2006 10:49 AM
LDAP and RADIUS questions depam Linux - Software 4 08-17-2006 03:08 AM
integration of ldap with samba pdc mnitian Linux - Networking 3 07-26-2004 10:19 AM
Radius server Integration rockage2001 Linux - Security 4 09-16-2003 11:16 AM


All times are GMT -5. The time now is 12:24 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration