I just inherited our newly installed Radiator system. It is version 2.16.1
and it is installed on a Sun Soloris box. It is setup for authby with LDAP
and accounting to an Oracle database. I can not get any passwords to be
accepted when running radpwtst and Radiator times out after each attempt.
Below are my config file and a level 4 trace log. Could you please give me
a pointer as to what I need to be looking at to resolve this problem. All
is running on a test system, so nothing is live. I do not understand why
Radiator returns the message: There was no password attribute found for
MTURNER. Userpassword does exist in LDAP. It doesn't matter what password
I use, encrypted or not. The follow software has been installed:
Radiator v2.16.1
Perl DBI v1.13
Perl DBD for Oracle v1.03
Perl MD5 v1.7
Perl LDAP v1.42
# simple.cfg
AuthPort 1812
AcctPort 1813
Trace 4
Foreground
LogStdout
LogDir /a/hq/mach/aprilia/home/polgara/MTURNER/radius
DbDir /a/hq/mach/aprilia/home/polgara/MTURNER/radius/raddb
# You will probably want to change this to suit your site.
<Client 10.4.178.1>
Secret Superdupper
# base for Framed-Group = 0
FramedGroupBaseAddress 192.168.4.1
DupInterval 0
</Client>
<Client 172.16.101.41>
Secret Superdupper
DupInterval 0
</Client>
<Client DEFAULT>
Secret mysecret
# base for Framed-Group = 0
FramedGroupBaseAddress 192.168.4.1
DupInterval 0
</Client>
<Realm DEFAULT>
<AuthBy LDAP>
Host flarion.hq.ferg.com
BaseDN o=FEI, c=US
UsernameAttr cn
EncryptedPasswordAttr userpassword
</AuthBy>
# Log accounting to the detail file in LogDir
AcctLogFileName %L/detail
</Realm>
<SessionDatabase SQL>
# This database spec usually should be exactly the same
# as in <AuthBy RADMIN> above
DBSource dbi:Oracle:RDD1.HQ.FERG.COM
DBUsername radius
DBAuth radius
</SessionDatabase>
MTURNER@elias:radius > radiusd -config_file ./radius.cfg
Fri Jul 7 14:01:58 2000: INFO: Server started: Radiator 2.16.1
Fri Jul 7 14:03:47 2000: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 34583 ....
Code: Access-Request
Identifier: 61
Authentic: 1234567890123456
Attributes:
User-Name = "MTURNER"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
User-Password =
"<161><211><7><245><247>\<4><246><188>8<9><160><216>}x<1
53>"
Fri Jul 7 14:03:47 2000: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jul 7 14:03:47 2000: DEBUG: Deleting session for MTURNER,
203.63.154.1, 12
34
Fri Jul 7 14:03:47 2000: DEBUG: do query is: delete from RADONLINE where
NASIDE
NTIFIER='203.63.154.1' and NASPORT=01234
Fri Jul 7 14:03:47 2000: DEBUG: Handling with Radius::AuthLDAP
Fri Jul 7 14:03:47 2000: DEBUG: Connecting to flarion.hq.ferg.com, port 389
Fri Jul 7 14:03:47 2000: DEBUG: LDAP got result for cn=MTURNER, o=FEI, c=US
Fri Jul 7 14:03:47 2000: ERR: There was no password attribute found for
MTURNER
. Check your LDAP database.
Fri Jul 7 14:03:47 2000: DEBUG: Radius::AuthLDAP looks for match with
MTURNER
Fri Jul 7 14:03:47 2000: DEBUG: Radius::AuthLDAP REJECT: Bad Encrypted
password
Fri Jul 7 14:03:47 2000: DEBUG: Connecting to flarion.hq.ferg.com, port 389
Fri Jul 7 14:03:47 2000: DEBUG: No entries for DEFAULT found in LDAP
database
Fri Jul 7 14:03:47 2000: INFO: Access rejected for MTURNER: Bad Encrypted
passw
ord
Fri Jul 7 14:03:47 2000: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 34583 ....
Code: Access-Reject
Identifier: 61
Authentic: 1234567890123456
Attributes:
Reply-Message = "Request Denied"
Fri Jul 7 14:03:47 2000: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 34583 ....
Code: Accounting-Request
Identifier: 62
Authentic: ?<241><0>==Z<201><230>W<172><26><231><230><150><129>r
Attributes:
User-Name = "MTURNER"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Start
Fri Jul 7 14:03:47 2000: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jul 7 14:03:47 2000: DEBUG: Adding session for MTURNER, 203.63.154.1,
1234
Fri Jul 7 14:03:47 2000: DEBUG: do query is: delete from RADONLINE where
NASIDE
NTIFIER='203.63.154.1' and NASPORT=01234
Fri Jul 7 14:03:47 2000: DEBUG: do query is: insert into RADONLINE
(USERNAME, N
ASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS,
NASPORTTYPE,
SERVICETYPE) values ('MTURNER', '203.63.154.1', 01234, '00001234',
962993027, ''
, 'Async', 'Framed-User')
Fri Jul 7 14:03:47 2000: DEBUG: Handling with Radius::AuthLDAP
Fri Jul 7 14:03:47 2000: DEBUG: Accounting accepted
Fri Jul 7 14:03:47 2000: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 34583 ....
Code: Accounting-Response
Identifier: 62
Authentic: ?<241><0>==Z<201><230>W<172><26><231><230><150><129>r
Attributes:
Fri Jul 7 14:03:47 2000: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 34583 ....
Code: Accounting-Request
Identifier: 63
Authentic: <150>b<201><208>Oi<30><231><162>7<159><5><204>hr<0>
Attributes:
User-Name = "MTURNER"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Time = 1000
Acct-Input-Octets = 20000
Acct-Output-Octets = 30000
Fri Jul 7 14:03:47 2000: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jul 7 14:03:47 2000: DEBUG: Deleting session for MTURNER,
203.63.154.1, 12
34
Fri Jul 7 14:03:47 2000: DEBUG: do query is: delete from RADONLINE where
NASIDE
NTIFIER='203.63.154.1' and NASPORT=01234
Fri Jul 7 14:03:47 2000: DEBUG: Handling with Radius::AuthLDAP
Fri Jul 7 14:03:48 2000: DEBUG: Accounting accepted
Fri Jul 7 14:03:48 2000: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 34583 ....
Code: Accounting-Response
Identifier: 63
Authentic: <150>b<201><208>Oi<30><231><162>7<159><5><204>hr<0>
Attributes:
timeout at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 226.
zsh: segmentation fault (core dumped) radiusd -config_file ./radius.cfg
MTURNER@elias:radius >
MIchael
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
