|
1
|
(0) Received Access-Request Id 246 from 127.0.0.1:7288 to 127.0.0.1:1812 length 116
|
|
2
|
(0) Service-Type = Login-User
|
|
3
|
(0) User-Name = "ettore"
|
|
4
|
(0) User-Password = "xxxxxxxxxx"
|
|
5
|
(0) NAS-IP-Address = 192.168.1.23
|
|
6
|
(0) NAS-Identifier = "pfSense.home.arpa"
|
|
7
|
(0) Called-Station-Id = "08:00:27:f4:19:11:pfSense.home.arpa"
|
|
8
|
(0) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
|
|
9
|
(0) authorize {
|
|
10
|
(0) [preprocess] = ok
|
|
11
|
(0) [chap] = noop
|
|
12
|
(0) [mschap] = noop
|
|
13
|
(0) [digest] = noop
|
|
14
|
(0) suffix: Checking for suffix after "@"
|
|
15
|
(0) suffix: No '@' in User-Name = "ettore", skipping NULL due to config.
|
|
16
|
(0) [suffix] = noop
|
|
17
|
(0) ntdomain: Checking for prefix before "\"
|
|
18
|
(0) ntdomain: No '\' in User-Name = "ettore", skipping NULL due to config.
|
|
19
|
(0) [ntdomain] = noop
|
|
20
|
(0) eap: No EAP-Message, not doing EAP
|
|
21
|
(0) [eap] = noop
|
|
22
|
(0) [files] = noop
|
|
23
|
(0) if (true) {
|
|
24
|
(0) if (true) -> TRUE
|
|
25
|
(0) if (true) {
|
|
26
|
(0) redundant {
|
|
27
|
rlm_ldap (ldap): 0 of 0 connections in use. You may need to increase "spare"
|
|
28
|
rlm_ldap (ldap): Opening additional connection (0), 1 of 5 pending slots used
|
|
29
|
rlm_ldap (ldap): Connecting to ldap://192.168.1.24:636
|
|
30
|
rlm_ldap (ldap): Waiting for bind result...
|
|
31
|
rlm_ldap (ldap): Bind successful
|
|
32
|
rlm_ldap (ldap): Reserved connection (0)
|
|
33
|
(0) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
|
|
34
|
(0) ldap: --> (uid=ettore)
|
|
35
|
(0) ldap: Performing search in "o=basedn" with filter "(uid=ettore)", scope "sub"
|
|
36
|
(0) ldap: Waiting for search result...
|
|
37
|
(0) ldap: User object found at DN "uid=ettore,OU=Dipendenti,O=basedn"
|
|
38
|
(0) ldap: Processing user attributes
|
|
39
|
(0) ldap: WARNING: No "known good" password added. Ensure the admin user has permission to read the password attribute
|
|
40
|
(0) ldap: WARNING: PAP authentication will *NOT* work with Active Directory (if that is what you were trying to configure)
|
|
41
|
rlm_ldap (ldap): Released connection (0)
|
|
42
|
Need 4 more connections to reach min connections (5)
|
|
43
|
Need more connections to reach 0 spares
|
|
44
|
rlm_ldap (ldap): Opening additional connection (1), 1 of 4 pending slots used
|
|
45
|
rlm_ldap (ldap): Connecting to ldap://192.168.1.24:636
|
|
46
|
rlm_ldap (ldap): Waiting for bind result...
|
|
47
|
rlm_ldap (ldap): Bind successful
|
|
48
|
(0) [ldap] = ok
|
|
49
|
(0) } # redundant = ok
|
|
50
|
(0) if ((ok || updated) && User-Password && !control:Auth-Type) {
|
|
51
|
(0) if ((ok || updated) && User-Password && !control:Auth-Type) -> TRUE
|
|
52
|
(0) if ((ok || updated) && User-Password && !control:Auth-Type) {
|
|
53
|
(0) update {
|
|
54
|
(0) control:Auth-Type := LDAP
|
|
55
|
(0) } # update = noop
|
|
56
|
(0) } # if ((ok || updated) && User-Password && !control:Auth-Type) = noop
|
|
57
|
(0) } # if (true) = ok
|
|
58
|
rlm_counter: Entering module authorize code
|
|
59
|
rlm_counter: Could not find Check item value pair
|
|
60
|
(0) [daily] = noop
|
|
61
|
rlm_counter: Entering module authorize code
|
|
62
|
rlm_counter: Could not find Check item value pair
|
|
63
|
(0) [weekly] = noop
|
|
64
|
rlm_counter: Entering module authorize code
|
|
65
|
rlm_counter: Could not find Check item value pair
|
|
66
|
(0) [monthly] = noop
|
|
67
|
rlm_counter: Entering module authorize code
|
|
68
|
rlm_counter: Could not find Check item value pair
|
|
69
|
(0) [forever] = noop
|
|
70
|
(0) if (&request:Calling-Station-Id == &control:Calling-Station-Id) {
|
|
71
|
(0) ERROR: Failed retrieving values required to evaluate condition
|
|
72
|
(0) [expiration] = noop
|
|
73
|
(0) [logintime] = noop
|
|
74
|
Not doing PAP as Auth-Type is already set.
|
|
75
|
(0) [pap] = noop
|
|
76
|
(0) } # authorize = ok
|
|
77
|
(0) Found Auth-Type = LDAP
|
|
78
|
(0) # Executing group from file /usr/local/etc/raddb/sites-enabled/default
|
|
79
|
(0) Auth-Type LDAP {
|
|
80
|
rlm_ldap (ldap): Reserved connection (0)
|
|
81
|
(0) ldap: Login attempt by "ettore"
|
|
82
|
(0) ldap: Using user DN from request "uid=ettore,OU=Dipendenti,O=basedn"
|
|
83
|
(0) ldap: Waiting for bind result...
|
|
84
|
(0) ldap: Bind successful
|
|
85
|
(0) ldap: Bind as user "uid=ettore,OU=Dipendenti,O=basedn" was successful
|
|
86
|
rlm_ldap (ldap): Released connection (0)
|
|
87
|
(0) [ldap] = ok
|
|
88
|
(0) } # Auth-Type LDAP = ok
|
|
89
|
(0) # Executing section post-auth from file /usr/local/etc/raddb/sites-enabled/default
|
|
90
|
(0) post-auth {
|
|
91
|
(0) update {
|
|
92
|
(0) No attributes updated for RHS &session-state:
|
|
93
|
(0) } # update = noop
|
|
94
|
(0) [exec] = noop
|
|
95
|
(0) policy remove_reply_message_if_eap {
|
|
96
|
(0) if (&reply:EAP-Message && &reply:Reply-Message) {
|
|
97
|
(0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
|
|
98
|
(0) else {
|
|
99
|
(0) [noop] = noop
|
|
100
|
(0) } # else = noop
|
|
101
|
(0) } # policy remove_reply_message_if_eap = noop
|
|
102
|
(0) } # post-auth = noop
|
|
103
|
(0) Login OK: [ettore] (from client localhost port 0)
|
|
104
|
(0) Sent Access-Accept Id 246 from 127.0.0.1:1812 to 127.0.0.1:7288 length 20
|
|
105
|
(0) Finished request
|
|
106
|
Waking up in 4.9 seconds.
|
|
107
|
(0) Cleaning up request packet ID 246 with timestamp +10
|
|
108
|
|