Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- EAP Method: PEAP
- Phase 2 Authentication: None
- CA Certificate: Don't convalidate
- Identity: Elia
- Password: stackoverflow
- root@zenelia:~# radtest -x Elia stackoverflow localhost 0 secret
- Sending Access-Request of id 211 to 127.0.0.1 port 1812
- User-Name = "Elia"
- User-Password = "stackoverflow"
- NAS-IP-Address = 127.0.1.1
- NAS-Port = 0
- Message-Authenticator = 0x00000000000000000000000000000000
- rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=211, length=20
- rad_recv: Access-Request packet from host 127.0.0.1 port 52877, id=91,
- length=74
- User-Name = "Elia"
- User-Password = "stackoverflow"
- NAS-IP-Address = 127.0.1.1
- NAS-Port = 0
- Message-Authenticator = 0x0cca55945b14f3caf1f8f1ab3374df4c
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- ++[preprocess] = ok
- ++[chap] = noop
- ++[mschap] = noop
- [eap] No EAP-Message, not doing EAP
- ++[eap] = noop
- [files] users: Matched entry DEFAULT at line 1
- ++[files] = ok
- [ldap] performing user authorization for Elia
- [ldap] expand: %{Stripped-User-Name} ->
- [ldap] ... expanding second conditional
- [ldap] expand: %{User-Name} -> Elia
- [ldap] expand: (sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}}) -> (sAMAccountName=Elia)
- [ldap] expand: DC=zentyal-domain,DC=lan -> DC=zentyal-domain,DC=lan
- [ldap] ldap_get_conn: Checking Id: 0
- [ldap] ldap_get_conn: Got Id: 0
- [ldap] attempting LDAP reconnection
- [ldap] (re)connect to ldap://127.0.0.1, authentication 0
- [ldap] bind as CN=zentyal-radius-zenelia,CN=Users,DC=zentyal-domain,DC=lan/ELEwgGNcoFmjQ@Yj5oJS to ldap://127.0.0.1
- [ldap] waiting for bind result ...
- [ldap] Bind was successful
- [ldap] performing search in DC=zentyal-domain,DC=lan, with filter (sAMAccountName=Elia)
- [ldap] rebind to URL ldap://zentyal-domain.lan/CN=Configuration,DC=zentyal-domain,DC=lan
- [ldap] No default NMAS login sequence
- [ldap] looking for check items in directory...
- [ldap] looking for reply items in directory...
- WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly?
- [ldap] Setting Auth-Type = LDAP
- [ldap] ldap_release_conn: Release Id: 0
- ++[ldap] = ok
- ++[expiration] = noop
- ++[logintime] = noop
- [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
- ++[pap] = noop
- +} # group authorize = ok
- Found Auth-Type = LDAP
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group LDAP {
- [ldap] login attempt by "Elia" with password "stackoverflow"
- [ldap] user DN: CN=Elia Perantoni,CN=Users,DC=zentyal-domain,DC=lan
- [ldap] (re)connect to ldap://127.0.0.1, authentication 1
- [ldap] bind as CN=Elia Perantoni,CN=Users,DC=zentyal-domain,DC=lan/stackoverflow to ldap://127.0.0.1
- [ldap] waiting for bind result ...
- [ldap] Bind was successful
- [ldap] user Elia authenticated succesfully
- ++[ldap] = ok
- +} # group LDAP = ok
- Login OK: [Elia] (from client 127.0.0.1/32 port 0)
- # Executing section post-auth from file /etc/freeradius/sites-enabled/default
- +group post-auth {
- ++[exec] = noop
- +} # group post-auth = noop
- Sending Access-Accept of id 91 to 127.0.0.1 port 52877
- Finished request 0.
- Going to the next request
- Waking up in 4.9 seconds.
- Cleaning up request 0 ID 91 with timestamp +8
- Ready to process requests.
- root@zenelia:~# radtest -x -t mschap Elia stackoverflow localhost 0 secret
- Sending Access-Request of id 183 to 127.0.0.1 port 1812
- User-Name = "Elia"
- NAS-IP-Address = 127.0.1.1
- NAS-Port = 0
- Message-Authenticator = 0x00000000000000000000000000000000
- MS-CHAP-Challenge = 0xf7a1a65b013d5d6b
- MS-CHAP-Response = 0x0001000000000000000000000000000000000000000000000000f024d5b89a20308d6a54dffacb2c4bb6ca20a6deedaebf71
- rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=183, length=38
- MS-CHAP-Error = "