Part of Slepp's ProjectsPastebinTURLImagebinFilebin
Feedback -- English French German Japanese
Create Upload Newest Tools Donate
Sign In | Create Account

Advertising

Untitled
Sunday, April 29th, 2007 at 10:43:26am UTC 

  1. [[email protected] ~]# radiusd -X
  2. Starting - reading configuration files ...
  3. reread_config:  reading radiusd.conf
  4. Config:   including file: /etc/raddb/proxy.conf
  5. Config:   including file: /etc/raddb/clients.conf
  6. Config:   including file: /etc/raddb/snmp.conf
  7.  main: prefix = "/usr"
  8.  main: localstatedir = "/var"
  9.  main: logdir = "/var/log/radius"
  10.  main: libdir = "/usr/lib"
  11.  main: radacctdir = "/var/log/radius/radacct"
  12.  main: hostname_lookups = no
  13.  main: max_request_time = 30
  14.  main: cleanup_delay = 5
  15.  main: max_requests = 1024
  16.  main: delete_blocked_requests = 0
  17.  main: port = 0
  18.  main: allow_core_dumps = no
  19.  main: log_stripped_names = no
  20.  main: log_file = "/var/log/radius/radius.log"
  21.  main: log_auth = no
  22.  main: log_auth_badpass = no
  23.  main: log_auth_goodpass = no
  24.  main: pidfile = "/var/run/radiusd/radiusd.pid"
  25.  main: user = "radiusd"
  26.  main: group = "radiusd"
  27.  main: usercollide = no
  28.  main: lower_user = "no"
  29.  main: lower_pass = "no"
  30.  main: nospace_user = "no"
  31.  main: nospace_pass = "no"
  32.  main: checkrad = "/usr/sbin/checkrad"
  33.  main: proxy_requests = yes
  34.  proxy: retry_delay = 5
  35.  proxy: retry_count = 3
  36.  proxy: synchronous = no
  37.  proxy: default_fallback = yes
  38.  proxy: dead_time = 120
  39.  proxy: post_proxy_authorize = no
  40.  proxy: wake_all_if_all_dead = no
  41.  security: max_attributes = 200
  42.  security: reject_delay = 1
  43.  security: status_server = no
  44.  main: debug_level = 0
  45. read_config_files:  reading dictionary
  46. read_config_files:  reading naslist
  47. Using deprecated naslist file.  Support for this will go away soon.
  48. read_config_files:  reading clients
  49. read_config_files:  reading realms
  50. radiusd:  entering modules setup
  51. Module: Library search path is /usr/lib
  52. Module: Loaded LDAP
  53.  ldap: server = "tfxschoolfs01.tfxschool.internal"
  54.  ldap: port = 389
  55.  ldap: net_timeout = 1
  56.  ldap: timeout = 4
  57.  ldap: timelimit = 3
  58.  ldap: identity = "CN=Jacob Jarick,OU=People,DC=tfxschool,DC=internal"
  59.  ldap: tls_mode = no
  60.  ldap: start_tls = no
  61.  ldap: tls_cacertfile = "(null)"
  62.  ldap: tls_cacertdir = "(null)"
  63.  ldap: tls_certfile = "(null)"
  64.  ldap: tls_keyfile = "(null)"
  65.  ldap: tls_randfile = "(null)"
  66.  ldap: tls_require_cert = "allow"
  67.  ldap: password = "pass"
  68.  ldap: basedn = "OU=People,DC=tfxschool,DC=internal"
  69.  ldap: filter = "(sAMAccountName=%{Stripped-User-Name:-%{User-Name}})"
  70.  ldap: base_filter = "(objectclass=radiusprofile)"
  71.  ldap: default_profile = "(null)"
  72.  ldap: profile_attribute = "(null)"
  73.  ldap: password_header = "(null)"
  74.  ldap: password_attribute = "(null)"
  75.  ldap: access_attr = "(null)"
  76.  ldap: groupname_attribute = "cn"
  77.  ldap: groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))"
  78.  ldap: groupmembership_attribute = "(null)"
  79.  ldap: dictionary_mapping = "/etc/raddb/ldap.attrmap"
  80.  ldap: ldap_debug = 0
  81.  ldap: ldap_connections_number = 5
  82.  ldap: compare_check_items = no
  83.  ldap: access_attr_used_for_allow = yes
  84.  ldap: do_xlat = yes
  85.  ldap: edir_account_policy_check = yes
  86.  ldap: set_auth_type = yes
  87. rlm_ldap: Registering ldap_groupcmp for Ldap-Group
  88. rlm_ldap: Registering ldap_xlat with xlat_name ldap
  89. rlm_ldap: reading ldap<->radius mappings from file /etc/raddb/ldap.attrmap
  90. rlm_ldap: LDAP radiusCheckItem mapped to RADIUS $GENERIC$
  91. rlm_ldap: LDAP radiusReplyItem mapped to RADIUS $GENERIC$
  92. rlm_ldap: LDAP radiusAuthType mapped to RADIUS Auth-Type
  93. rlm_ldap: LDAP radiusSimultaneousUse mapped to RADIUS Simultaneous-Use
  94. rlm_ldap: LDAP radiusCalledStationId mapped to RADIUS Called-Station-Id
  95. rlm_ldap: LDAP radiusCallingStationId mapped to RADIUS Calling-Station-Id
  96. rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password
  97. rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password
  98. rlm_ldap: LDAP acctFlags mapped to RADIUS SMB-Account-CTRL-TEXT
  99. rlm_ldap: LDAP radiusExpiration mapped to RADIUS Expiration
  100. rlm_ldap: LDAP radiusNASIpAddress mapped to RADIUS NAS-IP-Address
  101. rlm_ldap: LDAP radiusServiceType mapped to RADIUS Service-Type
  102. rlm_ldap: LDAP radiusFramedProtocol mapped to RADIUS Framed-Protocol
  103. rlm_ldap: LDAP radiusFramedIPAddress mapped to RADIUS Framed-IP-Address
  104. rlm_ldap: LDAP radiusFramedIPNetmask mapped to RADIUS Framed-IP-Netmask
  105. rlm_ldap: LDAP radiusFramedRoute mapped to RADIUS Framed-Route
  106. rlm_ldap: LDAP radiusFramedRouting mapped to RADIUS Framed-Routing
  107. rlm_ldap: LDAP radiusFilterId mapped to RADIUS Filter-Id
  108. rlm_ldap: LDAP radiusFramedMTU mapped to RADIUS Framed-MTU
  109. rlm_ldap: LDAP radiusFramedCompression mapped to RADIUS Framed-Compression
  110. rlm_ldap: LDAP radiusLoginIPHost mapped to RADIUS Login-IP-Host
  111. rlm_ldap: LDAP radiusLoginService mapped to RADIUS Login-Service
  112. rlm_ldap: LDAP radiusLoginTCPPort mapped to RADIUS Login-TCP-Port
  113. rlm_ldap: LDAP radiusCallbackNumber mapped to RADIUS Callback-Number
  114. rlm_ldap: LDAP radiusCallbackId mapped to RADIUS Callback-Id
  115. rlm_ldap: LDAP radiusFramedIPXNetwork mapped to RADIUS Framed-IPX-Network
  116. rlm_ldap: LDAP radiusClass mapped to RADIUS Class
  117. rlm_ldap: LDAP radiusSessionTimeout mapped to RADIUS Session-Timeout
  118. rlm_ldap: LDAP radiusIdleTimeout mapped to RADIUS Idle-Timeout
  119. rlm_ldap: LDAP radiusTerminationAction mapped to RADIUS Termination-Action
  120. rlm_ldap: LDAP radiusLoginLATService mapped to RADIUS Login-LAT-Service
  121. rlm_ldap: LDAP radiusLoginLATNode mapped to RADIUS Login-LAT-Node
  122. rlm_ldap: LDAP radiusLoginLATGroup mapped to RADIUS Login-LAT-Group
  123. rlm_ldap: LDAP radiusFramedAppleTalkLink mapped to RADIUS Framed-AppleTalk-Link
  124. rlm_ldap: LDAP radiusFramedAppleTalkNetwork mapped to RADIUS Framed-AppleTalk-Network
  125. rlm_ldap: LDAP radiusFramedAppleTalkZone mapped to RADIUS Framed-AppleTalk-Zone
  126. rlm_ldap: LDAP radiusPortLimit mapped to RADIUS Port-Limit
  127. rlm_ldap: LDAP radiusLoginLATPort mapped to RADIUS Login-LAT-Port
  128. rlm_ldap: LDAP radiusReplyMessage mapped to RADIUS Reply-Message
  129. conns: 0x94ee250
  130. Module: Instantiated ldap (ldap)
  131. Module: Loaded preprocess
  132.  preprocess: huntgroups = "/etc/raddb/huntgroups"
  133.  preprocess: hints = "/etc/raddb/hints"
  134.  preprocess: with_ascend_hack = no
  135.  preprocess: ascend_channels_per_line = 23
  136.  preprocess: with_ntdomain_hack = no
  137.  preprocess: with_specialix_jetstream_hack = no
  138.  preprocess: with_cisco_vsa_hack = no
  139.  preprocess: with_alvarion_vsa_hack = no
  140. Module: Instantiated preprocess (preprocess)
  141. Module: Loaded detail
  142.  detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
  143.  detail: detailperm = 420
  144.  detail: dirperm = 493
  145.  detail: locking = no
  146. Module: Instantiated detail (detail)
  147. Listening on authentication *:1812
  148. Listening on accounting *:1813
  149. Ready to process requests.
  150. rad_recv: Access-Request packet from host 127.0.0.1:32938, id=118, length=57
  151.         User-Name = "jacob"
  152.         User-Password = "pass"
  153.         NAS-IP-Address = 255.255.255.255
  154.         NAS-Port = 1
  155.   Processing the authorize section of radiusd.conf
  156. modcall: entering group authorize for request 0
  157.   modcall[authorize]: module "preprocess" returns ok for request 0
  158. rlm_ldap: - authorize
  159. rlm_ldap: performing user authorization for jacob
  160. radius_xlat:  '(sAMAccountName=jacob)'
  161. radius_xlat:  'OU=People,DC=tfxschool,DC=internal'
  162. rlm_ldap: ldap_get_conn: Checking Id: 0
  163. rlm_ldap: ldap_get_conn: Got Id: 0
  164. rlm_ldap: attempting LDAP reconnection
  165. rlm_ldap: (re)connect to tfxschoolfs01.tfxschool.internal:389, authentication 0
  166. rlm_ldap: bind as CN=Jacob Jarick,OU=People,DC=tfxschool,DC=internal/pass to tfxschoolfs01.tfxschool.internal:389
  167. rlm_ldap: waiting for bind result ...
  168. rlm_ldap: Bind was successful
  169. rlm_ldap: performing search in OU=People,DC=tfxschool,DC=internal, with filter (sAMAccountName=jacob)
  170. rlm_ldap: looking for check items in directory...
  171. rlm_ldap: looking for reply items in directory...
  172. rlm_ldap: Setting Auth-Type = ldap
  173. rlm_ldap: user jacob authorized to use remote access
  174. rlm_ldap: ldap_release_conn: Release Id: 0
  175.   modcall[authorize]: module "ldap" returns ok for request 0
  176. modcall: leaving group authorize (returns ok) for request 0
  177.   rad_check_password:  Found Auth-Type ldap
  178. auth: type "LDAP"
  179.   Processing the authenticate section of radiusd.conf
  180. modcall: entering group LDAP for request 0
  181. rlm_ldap: - authenticate
  182. rlm_ldap: login attempt by "jacob" with password "pass"
  183. rlm_ldap: user DN: CN=Jacob Jarick,OU=People,DC=tfxschool,DC=internal
  184. rlm_ldap: (re)connect to tfxschoolfs01.tfxschool.internal:389, authentication 1
  185. rlm_ldap: bind as CN=Jacob Jarick,OU=People,DC=tfxschool,DC=internal/pass to tfxschoolfs01.tfxschool.internal:389
  186. rlm_ldap: waiting for bind result ...
  187. rlm_ldap: Bind was successful
  188. rlm_ldap: user jacob authenticated succesfully
  189.   modcall[authenticate]: module "ldap" returns ok for request 0
  190. modcall: leaving group LDAP (returns ok) for request 0
  191. Sending Access-Accept of id 118 to 127.0.0.1 port 32938
  192. Finished request 0
  193. Going to the next request
  194. --- Walking the entire request list ---
  195. Waking up in 6 seconds...
  196. rad_recv: Access-Request packet from host 127.0.0.1:32938, id=122, length=57
  197.         User-Name = "jacob"
  198.         User-Password = "wrongpass"
  199.         NAS-IP-Address = 255.255.255.255
  200.         NAS-Port = 1
  201.   Processing the authorize section of radiusd.conf
  202. modcall: entering group authorize for request 1
  203.   modcall[authorize]: module "preprocess" returns ok for request 1
  204. rlm_ldap: - authorize
  205. rlm_ldap: performing user authorization for jacob
  206. radius_xlat:  '(sAMAccountName=jacob)'
  207. radius_xlat:  'OU=People,DC=tfxschool,DC=internal'
  208. rlm_ldap: ldap_get_conn: Checking Id: 0
  209. rlm_ldap: ldap_get_conn: Got Id: 0
  210. rlm_ldap: performing search in OU=People,DC=tfxschool,DC=internal, with filter (sAMAccountName=jacob)
  211. rlm_ldap: looking for check items in directory...
  212. rlm_ldap: looking for reply items in directory...
  213. rlm_ldap: Setting Auth-Type = ldap
  214. rlm_ldap: user jacob authorized to use remote access
  215. rlm_ldap: ldap_release_conn: Release Id: 0
  216.   modcall[authorize]: module "ldap" returns ok for request 1
  217. modcall: leaving group authorize (returns ok) for request 1
  218.   rad_check_password:  Found Auth-Type ldap
  219. auth: type "LDAP"
  220.   Processing the authenticate section of radiusd.conf
  221. modcall: entering group LDAP for request 1
  222. rlm_ldap: - authenticate
  223. rlm_ldap: login attempt by "jacob" with password "wrongpass"
  224. rlm_ldap: user DN: CN=Jacob Jarick,OU=People,DC=tfxschool,DC=internal
  225. rlm_ldap: (re)connect to tfxschoolfs01.tfxschool.internal:389, authentication 1
  226. rlm_ldap: bind as CN=Jacob Jarick,OU=People,DC=tfxschool,DC=internal/wrongpass to tfxschoolfs01.tfxschool.internal:389
  227. rlm_ldap: waiting for bind result ...
  228. rlm_ldap: Bind failed with invalid credentials
  229. rlm_ldap: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece
  230.   modcall[authenticate]: module "ldap" returns reject for request 1
  231. modcall: leaving group LDAP (returns reject) for request 1
  232. auth: Failed to validate the user.
  233. Delaying request 1 for 1 seconds
  234. Finished request 1
  235. Going to the next request
  236. --- Walking the entire request list ---
  237. Cleaning up request 0 ID 118 with timestamp 4634779e
  238. Waking up in 1 seconds...
  239. --- Walking the entire request list ---
  240. Waking up in 1 seconds...
  241. --- Walking the entire request list ---
  242. Sending Access-Reject of id 122 to 127.0.0.1 port 32938
  243.         Reply-Message = "80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece"
  244. Waking up in 4 seconds...
  245. --- Walking the entire request list ---
  246. Cleaning up request 1 ID 122 with timestamp 463477a4
  247. Nothing to do.  Sleeping until we see a request.

advertising

Update the Post

Either update this post and resubmit it with changes, or make a new post.

You may also comment on this post.

update paste below
details of the post (optional)

Note: Only the paste content is required, though the following information can be useful to others.

Save name / title?

(space separated, optional)



Please note that information posted here will expire by default in one month. If you do not want it to expire, please set the expiry time above. If it is set to expire, web search engines will not be allowed to index it prior to it expiring. Items that are not marked to expire will be indexable by search engines. Be careful with your passwords. All illegal activities will be reported and any information will be handed over to the authorities, so be good.

comments powered by Disqus
worth-right