Hi all,
I'm new in OpenSER and I try to authenticate users with my LDAP by a Radius server. My problem is that the attribute User-Password missed in the request I think. I searched a solution but nothing worked! Can someone help me please! Here is the log of radiusd :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group LDAP for request 4 rlm_ldap: - authenticate rlm_ldap: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "ldap" returns invalid for request 4 modcall: leaving group LDAP (returns invalid) for request 4 auth: Failed to validate the user.
Thanks for help
Matthieu
PS : Sorry for my english!
Hello,
in SIP you can have only digest authentication as per RFC 2617. Therefore you have to use rlm_digest to authenticate the user. How to make the module to pull the password from the LDAP I cannot say since I have no experience with.
Maybe the next link will help you a bit as well.
http://www.openser.org/docs/openser-radius-1.0.x.html
Cheers, Daniel
On 07/12/06 18:15, Dubromez Matthieu wrote:
Hi all,
I'm new in OpenSER and I try to authenticate users with my LDAP by a Radius server. My problem is that the attribute User-Password missed in the request I think. I searched a solution but nothing worked! Can someone help me please! Here is the log of radiusd :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group LDAP for request 4 rlm_ldap: - authenticate rlm_ldap: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "ldap" returns invalid for request 4 modcall: leaving group LDAP (returns invalid) for request 4 auth: Failed to validate the user.
Thanks for help
Matthieu
PS : Sorry for my english!
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Hi all
I tried to authenticate the user with rlm_digest but the problem persits : configuration item "User-Password" or Digest-HA1 is required for authentication. Here is the log :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type Digest auth: type "digest" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_digest: Configuration item "User-Password" or Digest-HA1 is required for authentication. modcall[authenticate]: module "digest" returns invalid for request 4 modcall: leaving group authenticate (returns invalid) for request 4 auth: Failed to validate the user.
Nobody has already done an authentication with LDAP?
I found an article about this, but with Astersik :
http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_...
Is it a good solution? How to do it ;) !!
Thanks for your help
Matthieu
Selon Daniel-Constantin Mierla daniel@voice-system.ro:
Hello,
in SIP you can have only digest authentication as per RFC 2617. Therefore you have to use rlm_digest to authenticate the user. How to make the module to pull the password from the LDAP I cannot say since I have no experience with.
Maybe the next link will help you a bit as well.
http://www.openser.org/docs/openser-radius-1.0.x.html
Cheers, Daniel
On 07/12/06 18:15, Dubromez Matthieu wrote:
Hi all,
I'm new in OpenSER and I try to authenticate users with my LDAP by a
Radius
server. My problem is that the attribute User-Password missed in the
request I
think. I searched a solution but nothing worked! Can someone help me
please!
Here is the log of radiusd :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group LDAP for request 4 rlm_ldap: - authenticate rlm_ldap: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "ldap" returns invalid for request 4 modcall: leaving group LDAP (returns invalid) for request 4 auth: Failed to validate the user.
Thanks for help
Matthieu
PS : Sorry for my english!
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Hello,
have you followed the steps in http://www.openser.org/docs/openser-radius-1.0.x.html ? Did you set the user profile accordingly? Seems that the profile of the SIP user does not have the User-Password or Digest-HA1 attributes set.
http://www.openser.org/docs/openser-radius-1.0.x.html#freeradius_users
Cheers, Daniel
On 07/13/06 12:14, Dubromez Matthieu wrote:
Hi all
I tried to authenticate the user with rlm_digest but the problem persits : configuration item "User-Password" or Digest-HA1 is required for authentication. Here is the log :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type Digest auth: type "digest" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_digest: Configuration item "User-Password" or Digest-HA1 is required for authentication. modcall[authenticate]: module "digest" returns invalid for request 4 modcall: leaving group authenticate (returns invalid) for request 4 auth: Failed to validate the user.
Nobody has already done an authentication with LDAP?
I found an article about this, but with Astersik :
http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_...
Is it a good solution? How to do it ;) !!
Thanks for your help
Matthieu
Selon Daniel-Constantin Mierla daniel@voice-system.ro:
Hello,
in SIP you can have only digest authentication as per RFC 2617. Therefore you have to use rlm_digest to authenticate the user. How to make the module to pull the password from the LDAP I cannot say since I have no experience with.
Maybe the next link will help you a bit as well.
http://www.openser.org/docs/openser-radius-1.0.x.html
Cheers, Daniel
On 07/12/06 18:15, Dubromez Matthieu wrote:
Hi all,
I'm new in OpenSER and I try to authenticate users with my LDAP by a
Radius
server. My problem is that the attribute User-Password missed in the
request I
think. I searched a solution but nothing worked! Can someone help me
please!
Here is the log of radiusd :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group LDAP for request 4 rlm_ldap: - authenticate rlm_ldap: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "ldap" returns invalid for request 4 modcall: leaving group LDAP (returns invalid) for request 4 auth: Failed to validate the user.
Thanks for help
Matthieu
PS : Sorry for my english!
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Hello,
Yes I've followed the steps but I don't want to write all of my users in the users file. So I must to load the user profiles from LDAP and I don't know the way to do this :( !!!
Sincerely,
Matthieu
Hello,
have you followed the steps in http://www.openser.org/docs/openser-radius-1.0.x.html ? Did you set the user profile accordingly? Seems that the profile of the SIP user does not have the User-Password or Digest-HA1 attributes set.
http://www.openser.org/docs/openser-radius-1.0.x.html#freeradius_users
Cheers, Daniel
On 07/13/06 12:14, Dubromez Matthieu wrote:
Hi all
I tried to authenticate the user with rlm_digest but the problem persits : configuration item "User-Password" or Digest-HA1 is required for authentication. Here is the log :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type Digest auth: type "digest" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_digest: Configuration item "User-Password" or Digest-HA1 is required
for
authentication. modcall[authenticate]: module "digest" returns invalid for request 4 modcall: leaving group authenticate (returns invalid) for request 4 auth: Failed to validate the user.
Nobody has already done an authentication with LDAP?
I found an article about this, but with Astersik :
http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_...
Is it a good solution? How to do it ;) !!
Thanks for your help
Matthieu
Selon Daniel-Constantin Mierla daniel@voice-system.ro:
Hello,
in SIP you can have only digest authentication as per RFC 2617. Therefore you have to use rlm_digest to authenticate the user. How to make the module to pull the password from the LDAP I cannot say since I have no experience with.
Maybe the next link will help you a bit as well.
http://www.openser.org/docs/openser-radius-1.0.x.html
Cheers, Daniel
On 07/12/06 18:15, Dubromez Matthieu wrote:
Hi all,
I'm new in OpenSER and I try to authenticate users with my LDAP by a
Radius
server. My problem is that the attribute User-Password missed in the
request I
think. I searched a solution but nothing worked! Can someone help me
please!
Here is the log of radiusd :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group LDAP for request 4 rlm_ldap: - authenticate rlm_ldap: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "ldap" returns invalid for request 4 modcall: leaving group LDAP (returns invalid) for request 4 auth: Failed to validate the user.
Thanks for help
Matthieu
PS : Sorry for my english!
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Hi all,
I put this in the users file and it works :
DEFAULT Auth-Type := digest, Digest-HA1 := "mypassword"
But it works logically only if it's my User-Name. Thats's why I tried to put this and it doesn't work (syntax problem I think) :
DEFAULT Auth-Type := digest, Digest-HA1 := `echo -n %{Digest-User-Name}:%{Digest-Realm}:%{Digest-User-Password} | md5sum`
Is it possible to do something near like this or it's absolutely crazy ;) ?
Thanks
Matthieu
Hello,
Yes I've followed the steps but I don't want to write all of my users in the users file. So I must to load the user profiles from LDAP and I don't know the way to do this :( !!!
Sincerely,
Matthieu
Hello,
have you followed the steps in http://www.openser.org/docs/openser-radius-1.0.x.html ? Did you set the user profile accordingly? Seems that the profile of the SIP user does not have the User-Password or Digest-HA1 attributes set.
http://www.openser.org/docs/openser-radius-1.0.x.html#freeradius_users
Cheers, Daniel
On 07/13/06 12:14, Dubromez Matthieu wrote:
Hi all
I tried to authenticate the user with rlm_digest but the problem persits
:
configuration item "User-Password" or Digest-HA1 is required for authentication. Here is the log :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type Digest auth: type "digest" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_digest: Configuration item "User-Password" or Digest-HA1 is required
for
authentication. modcall[authenticate]: module "digest" returns invalid for request 4 modcall: leaving group authenticate (returns invalid) for request 4 auth: Failed to validate the user.
Nobody has already done an authentication with LDAP?
I found an article about this, but with Astersik :
http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_...
Is it a good solution? How to do it ;) !!
Thanks for your help
Matthieu
Selon Daniel-Constantin Mierla daniel@voice-system.ro:
Hello,
in SIP you can have only digest authentication as per RFC 2617. Therefore you have to use rlm_digest to authenticate the user. How to make the module to pull the password from the LDAP I cannot say since I
have no experience with.
Maybe the next link will help you a bit as well.
http://www.openser.org/docs/openser-radius-1.0.x.html
Cheers, Daniel
On 07/12/06 18:15, Dubromez Matthieu wrote:
Hi all,
I'm new in OpenSER and I try to authenticate users with my LDAP by a
Radius
server. My problem is that the attribute User-Password missed in the
request I
think. I searched a solution but nothing worked! Can someone help me
please!
Here is the log of radiusd :
rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group LDAP for request 4 rlm_ldap: - authenticate rlm_ldap: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "ldap" returns invalid for request 4 modcall: leaving group LDAP (returns invalid) for request 4 auth: Failed to validate the user.
Thanks for help
Matthieu
PS : Sorry for my english!
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
-
Daniel-Constantin Mierla -
Dubromez Matthieu