I have problem when in Fedora using radtest against LDAP This is part of /etc/raddb/radiusd.conf: ldap { server = "localhost" basedn = "ou=people,dc=mydomain,dc=com" filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 password_attribute = userPassword (member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames) (uniquemember=%{Ldap-UserDn})))" timeout = 4 timelimit = 3 net_timeout = 1 } authorize { chap mschap suffix eap files ldap checkval } And this a portion of /etc/raddb/users: DEFAULT Auth-Type = System Fall-Through = 1 DEFAULT Auth-Type = LDAP Fall-Through = 1 I've appended the schemas in /etc/openldap/slapd.conf: /usr/share/doc/freeradius-1.0.4/RADIUS-LDAPv3.schema /usr/share/doc/freeradius-1.0.4/RADIUS-LDAP.schema Well, when I issue radtest in debug mode I get: radtest testuser sample localhost 0 testing123 Sending Access-Request of id 88 to 127.0.0.1:1812 User-Name = "testuser" User-Password = "sample" NAS-IP-Address = host.mydomain.com NAS-Port = 0 rad_recv: Access-Request packet from host 127.0.0.1:42077, id=88, length=58 User-Name = "testuser" User-Password = "sample" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module "preprocess" returns ok for request 2 modcall[authorize]: module "chap" returns noop for request 2 modcall[authorize]: module "mschap" returns noop for request 2 rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 2 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 2 users: Matched entry DEFAULT at line 152 users: Matched entry DEFAULT at line 155 modcall[authorize]: module "files" returns ok for request 2 rlm_ldap: - authorize rlm_ldap: performing user authorization for testuser radius_xlat: '(uid=testuser)' radius_xlat: 'ou=people,dc=mydomain,dc=com' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,dc=mydomain,dc=com, with filter (uid=testuser) rlm_ldap: Added password sample in check items rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user testuser authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 2 modcall: group authorize returns ok for request 2 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 2 modcall[authenticate]: module "unix" returns notfound for request 2 modcall: group authenticate returns notfound for request 2 auth: Failed to validate the user. Delaying request 2 for 1 seconds Finished request 2 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 88 to 127.0.0.1:42077 Waking up in 4 seconds... rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=88, length=20 17:20:33 [root@spike] /etc/raddb $ --- Walking the entire request list --- Cleaning up request 2 ID 88 with timestamp 46dc6c8f Nothing to do. Sleeping until we see a request. Please could you lend me a hand to resolv this issue? Thanks in advance! -- Sergio Belkin Comunicación e Internet