[Users] Openser with Radius
Dubromez Matthieu
matthieu.dubromez at insa-lyon.fr
Thu Jul 13 13:47:35 CEST 2006
Hello,
Yes I've followed the steps but I don't want to write all of my users in the
users file. So I must to load the user profiles from LDAP and I don't know the
way to do this :( !!!
Sincerely,
Matthieu
> Hello,
>
> have you followed the steps in
> http://www.openser.org/docs/openser-radius-1.0.x.html ? Did you set the
> user profile accordingly? Seems that the profile of the SIP user does
> not have the User-Password or Digest-HA1 attributes set.
>
> http://www.openser.org/docs/openser-radius-1.0.x.html#freeradius_users
>
> Cheers,
> Daniel
>
>
>
> On 07/13/06 12:14, Dubromez Matthieu wrote:
> > Hi all
> >
> > I tried to authenticate the user with rlm_digest but the problem persits :
> > configuration item "User-Password" or Digest-HA1 is required for
> > authentication. Here is the log :
> >
> > rlm_ldap: checking if remote access for A208534 is allowed by uid
> > rlm_ldap: looking for check items in directory...
> > rlm_ldap: looking for reply items in directory...
> > rlm_ldap: user A208534 authorized to use remote access
> > rlm_ldap: ldap_release_conn: Release Id: 0
> > modcall[authorize]: module "ldap" returns ok for request 4
> > modcall: leaving group authorize (returns ok) for request 4
> > rad_check_password: Found Auth-Type Digest
> > auth: type "digest"
> > Processing the authenticate section of radiusd.conf
> > modcall: entering group authenticate for request 4
> > rlm_digest: Configuration item "User-Password" or Digest-HA1 is required
> for
> > authentication.
> > modcall[authenticate]: module "digest" returns invalid for request 4
> > modcall: leaving group authenticate (returns invalid) for request 4
> > auth: Failed to validate the user.
> >
> > Nobody has already done an authentication with LDAP?
> >
> > I found an article about this, but with Astersik :
> >
> >
>
http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_authentication.html#AEN237
> >
> > Is it a good solution? How to do it ;) !!
> >
> > Thanks for your help
> >
> > Matthieu
> >
> > Selon Daniel-Constantin Mierla <daniel at voice-system.ro>:
> >
> >
> >> Hello,
> >>
> >> in SIP you can have only digest authentication as per RFC 2617.
> >> Therefore you have to use rlm_digest to authenticate the user. How to
> >> make the module to pull the password from the LDAP I cannot say since I
> >> have no experience with.
> >>
> >> Maybe the next link will help you a bit as well.
> >>
> >> http://www.openser.org/docs/openser-radius-1.0.x.html
> >>
> >> Cheers,
> >> Daniel
> >>
> >>
> >> On 07/12/06 18:15, Dubromez Matthieu wrote:
> >>
> >>> Hi all,
> >>>
> >>> I'm new in OpenSER and I try to authenticate users with my LDAP by a
> >>>
> >> Radius
> >>
> >>> server. My problem is that the attribute User-Password missed in the
> >>>
> >> request I
> >>
> >>> think. I searched a solution but nothing worked! Can someone help me
> >>>
> >> please!
> >>
> >>> Here is the log of radiusd :
> >>>
> >>> rlm_ldap: checking if remote access for A208534 is allowed by uid
> >>> rlm_ldap: looking for check items in directory...
> >>> rlm_ldap: looking for reply items in directory...
> >>> rlm_ldap: user A208534 authorized to use remote access
> >>> rlm_ldap: ldap_release_conn: Release Id: 0
> >>> modcall[authorize]: module "ldap" returns ok for request 4
> >>> modcall: leaving group authorize (returns ok) for request 4
> >>> rad_check_password: Found Auth-Type LDAP
> >>> auth: type "LDAP"
> >>> Processing the authenticate section of radiusd.conf
> >>> modcall: entering group LDAP for request 4
> >>> rlm_ldap: - authenticate
> >>> rlm_ldap: Attribute "User-Password" is required for authentication.
> >>> modcall[authenticate]: module "ldap" returns invalid for request 4
> >>> modcall: leaving group LDAP (returns invalid) for request 4
> >>> auth: Failed to validate the user.
> >>>
> >>>
> >>> Thanks for help
> >>>
> >>> Matthieu
> >>>
> >>> PS : Sorry for my english!
> >>>
> >>> _______________________________________________
> >>> Users mailing list
> >>> Users at openser.org
> >>> http://openser.org/cgi-bin/mailman/listinfo/users
> >>>
> >>>
> >>>
> >
> >
> >
> >
> >
>
More information about the Users
mailing list