Hi all,
We have a test environment with two hosts:
- Ultra5 (Solaris 2.6) with Radiator-2.16.1 and perl-ldap-0.19
- E250 (Solaris 2.6) with Netscape Directory Server 4.11
We are now running radiusd with this radius.cfg:
Foreground
LogStdout
Trace 4
AuthPort 1645
AcctPort 1646
#LogDir /var/log/radius
LogFile /var/log/%Y-radius.log
#DictionaryFile /usr/local/etc/raddb/dictionary
PidFile /tmp/radiusd.pid
<Client localhost>
Secret mysecret
DupInterval 0
</Client>
<AuthBy LDAP2>
Identifier NDS
AuthAttrDef userpassword, User-Password, check
AuthAttrDef tipodeconexion, NAS-Port-Type, check
AuthAttrDef conexiones, Simultaneous-Use, check
AuthAttrDef bono, BonoBT, reply
AuthAttrDef dnsprimaria, Primary-DNS-Server, reply
AuthAttrDef dnssecundaria, Secondary-DNS-Server, reply
AuthAttrDef franjahoraria, FranjaHoraria, reply
AuthAttrDef cli, TelefonoOrigen, reply
AuthAttrDef idletimeout, Idle-Timeout, reply
AuthDN cn=Directory Manager
AuthPassword mypassword
BaseDN o=bt
Host 17.1.1.2
PasswordAttr userpassword
Port 389
UsernameAttr usuarioradius
</AuthBy>
<Realm palipei>
RejectHasReason
AcctLogFileName %L/details
PasswordLogFileName %L/password.log
AuthBy NDS
AuthByPolicy ContinueWhileAccept
</Realm>
So radiusd is started in foreground mode and we launch a radpwtst:
frodo #./radpwtst -user jmpellus@palipei -password jmpp54 -auth_port 1645 -acct_port 1646 -trace 4
Code: Access-Request
Identifier: 75
Authentic: 1234567890123456
Attributes:
User-Name = "jmpellus@palipei"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
User-Password = "<147><230>/<221><154>i<4><246><188>8<9><160><216>}x<153>"
sending Access-Request...
No reply
Code: Accounting-Request
Identifier: 76
Authentic: <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Attributes:
User-Name = "jmpellus@palipei"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Start
sending Accounting-Request Start...
No reply
Code: Accounting-Request
Identifier: 77
Authentic: <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Attributes:
User-Name = "jmpellus@palipei"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Time = 1000
Acct-Input-Octets = 20000
Acct-Output-Octets = 30000
sending Accounting-Request Stop...
No reply
frodo #
And radiusd shows us:
frodo #./radiusd -config_file /usr/local/etc/radius.cfg
Wed Sep 6 10:32:19 2000: INFO: Server started: Radiator 2.16.1
Wed Sep 6 10:33:00 2000: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 35307 ....
Code: Access-Request
Identifier: 75
Authentic: 1234567890123456
Attributes:
User-Name = "jmpellus@palipei"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
User-Password = "<147><230>/<221><154>i<4><246><188>8<9><160><216>}x<153>"
Wed Sep 6 10:33:00 2000: DEBUG: Handling request with Handler 'Realm=palipei'
Wed Sep 6 10:33:00 2000: DEBUG: Deleting session for jmpellus@palipei, 203.63.154.1, 1234
Wed Sep 6 10:33:00 2000: DEBUG: Handling with Radius::AuthLDAP2
Wed Sep 6 10:33:00 2000: DEBUG: Connecting to 17.1.1.2, port 389
and the daemon will not work properly any more.
So we thought there was a problem in the LDAP connection between the hosts,
but these entries appear in /usr/netscape/server4/.../logs/access:
[06/Sep/2000:10:30:21 +0100] conn=21 fd=27 slot=27 connection from 17.1.1.1 to 17.1.1.2
[06/Sep/2000:10:30:21 +0100] conn=21 op=0 BIND dn="cn=Directory Manager" method=128 version=2
[06/Sep/2000:10:30:21 +0100] conn=21 op=0 RESULT err=0 tag=97 nentries=0 etime=0
[06/Sep/2000:10:30:21 +0100] conn=21 op=1 SRCH base="o=bt" scope=2 filter="(usuarioradius=jmpellus@palipei)"
We're confused, and need help to detect the problem that affects the AuthBy
LDAP2.
Thanks in advance.
jules.
===
Archive at http://www.starport.net/~radiator/