[Users] Openser with Radius
Daniel-Constantin Mierla
daniel at voice-system.ro
Thu Jul 13 13:04:06 CEST 2006
Hello,
have you followed the steps in
http://www.openser.org/docs/openser-radius-1.0.x.html ? Did you set the
user profile accordingly? Seems that the profile of the SIP user does
not have the User-Password or Digest-HA1 attributes set.
http://www.openser.org/docs/openser-radius-1.0.x.html#freeradius_users
Cheers,
Daniel
On 07/13/06 12:14, Dubromez Matthieu wrote:
> Hi all
>
> I tried to authenticate the user with rlm_digest but the problem persits :
> configuration item "User-Password" or Digest-HA1 is required for
> authentication. Here is the log :
>
> rlm_ldap: checking if remote access for A208534 is allowed by uid
> rlm_ldap: looking for check items in directory...
> rlm_ldap: looking for reply items in directory...
> rlm_ldap: user A208534 authorized to use remote access
> rlm_ldap: ldap_release_conn: Release Id: 0
> modcall[authorize]: module "ldap" returns ok for request 4
> modcall: leaving group authorize (returns ok) for request 4
> rad_check_password: Found Auth-Type Digest
> auth: type "digest"
> Processing the authenticate section of radiusd.conf
> modcall: entering group authenticate for request 4
> rlm_digest: Configuration item "User-Password" or Digest-HA1 is required for
> authentication.
> modcall[authenticate]: module "digest" returns invalid for request 4
> modcall: leaving group authenticate (returns invalid) for request 4
> auth: Failed to validate the user.
>
> Nobody has already done an authentication with LDAP?
>
> I found an article about this, but with Astersik :
>
> http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_authentication.html#AEN237
>
> Is it a good solution? How to do it ;) !!
>
> Thanks for your help
>
> Matthieu
>
> Selon Daniel-Constantin Mierla <daniel at voice-system.ro>:
>
>
>> Hello,
>>
>> in SIP you can have only digest authentication as per RFC 2617.
>> Therefore you have to use rlm_digest to authenticate the user. How to
>> make the module to pull the password from the LDAP I cannot say since I
>> have no experience with.
>>
>> Maybe the next link will help you a bit as well.
>>
>> http://www.openser.org/docs/openser-radius-1.0.x.html
>>
>> Cheers,
>> Daniel
>>
>>
>> On 07/12/06 18:15, Dubromez Matthieu wrote:
>>
>>> Hi all,
>>>
>>> I'm new in OpenSER and I try to authenticate users with my LDAP by a
>>>
>> Radius
>>
>>> server. My problem is that the attribute User-Password missed in the
>>>
>> request I
>>
>>> think. I searched a solution but nothing worked! Can someone help me
>>>
>> please!
>>
>>> Here is the log of radiusd :
>>>
>>> rlm_ldap: checking if remote access for A208534 is allowed by uid
>>> rlm_ldap: looking for check items in directory...
>>> rlm_ldap: looking for reply items in directory...
>>> rlm_ldap: user A208534 authorized to use remote access
>>> rlm_ldap: ldap_release_conn: Release Id: 0
>>> modcall[authorize]: module "ldap" returns ok for request 4
>>> modcall: leaving group authorize (returns ok) for request 4
>>> rad_check_password: Found Auth-Type LDAP
>>> auth: type "LDAP"
>>> Processing the authenticate section of radiusd.conf
>>> modcall: entering group LDAP for request 4
>>> rlm_ldap: - authenticate
>>> rlm_ldap: Attribute "User-Password" is required for authentication.
>>> modcall[authenticate]: module "ldap" returns invalid for request 4
>>> modcall: leaving group LDAP (returns invalid) for request 4
>>> auth: Failed to validate the user.
>>>
>>>
>>> Thanks for help
>>>
>>> Matthieu
>>>
>>> PS : Sorry for my english!
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at openser.org
>>> http://openser.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>>
>
>
>
>
>
More information about the Users
mailing list