Hi, I am not having much luck with getting Freeradius to work with PrivacyIDEA could someone help us ? Were using Centos7.... Thanks Keith
echo "User-Name=keith@test-ldap,User-Password=1234vviktrcgjlefrlnihfgklrfvbjvhcukggvekicnnjugf" | radclient localhost:1812 auth testing123
$RAD_REQUEST{'User-Password'} = &request:User-Password -> '1234vviktrcgjlefrlnihfgklrfvbjvhcukggvekicnnjugf'
(8) perl : &request:User-Name = $RAD_REQUEST{'User-Name'} -> 'keith@test-ldap'
(8) perl : &request:User-Password = $RAD_REQUEST{'User-Password'} -> '1234vviktrcgjlefrlnihfgklrfvbjvhcukggvekicnnjugf'
(8) [perl] = ok
(8) [preprocess] = ok
(8) [chap] = noop
(8) [mschap] = noop
(8) [digest] = noop
(8) suffix : Checking for suffix after "@"
(8) suffix : Looking up realm "test-ldap" for User-Name = "keith@test-ldap"
(8) suffix : No such realm "test-ldap"
(8) [suffix] = noop
(8) eap : No EAP-Message, not doing EAP
(8) [eap] = noop
(8) [files] = noop
(8) [expiration] = noop
(8) [logintime] = noop
(8) WARNING: pap : No "known good" password found for the user. Not setting Auth-Type
(8) WARNING: pap : Authentication will fail unless a "known good" password is available
(8) [pap] = noop
(8) } # authorize = ok
(8) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject
(8) Failed to authenticate the user
(8) Using Post-Auth-Type Reject
(8) # Executing group from file /etc/raddb/sites-enabled/privacyidea
(8) Post-Auth-Type REJECT {
(8) attr_filter.access_reject : EXPAND %{User-Name}
(8) attr_filter.access_reject : --> keith@test-ldap
(8) attr_filter.access_reject : Matched entry DEFAULT at line 11
(8) [attr_filter.access_reject] = updated
(8) eap : Request didn't contain an EAP-Message, not inserting EAP-Failure
(8) [eap] = noop
(8) remove_reply_message_if_eap remove_reply_message_if_eap {
(8) if (&reply:EAP-Message && &reply:Reply-Message)
(8) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
(8) else else {
(8) [noop] = noop
(8) } # else else = noop
(8) } # remove_reply_message_if_eap remove_reply_message_if_eap = noop
(8) } # Post-Auth-Type REJECT = updated
(8) Delaying response for 1 seconds
Waking up in 0.3 seconds.
Waking up in 0.6 seconds.
(8) Sending delayed response
(8) Sending Access-Reject packet to host 127.0.0.1 port 52686, id=14, length=0
Sending Access-Reject Id 14 from
127.0.0.1:1812 to
127.0.0.1:52686Waking up in 3.9 seconds.
(8) Cleaning up request packet ID 14 with timestamp +526
Ready to process requests