Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Ldap Authentication for Securemote (NG)

To: [email protected]
Subject: [FW-1] Ldap Authentication for Securemote (NG)
From: michael toietwq <[email protected]>
Date: Wed, 5 Dec 2001 05:34:40 -0800
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi all,

I am just trying to get the Usermanagement with Ldap
working. I am using Secureclient NG, NG Firewall, and
Openldap 2.0.15.

I have adapted the schema, and can manage Users via
the fw1 gui. (add + delete  users, groups etc. )

but whenever i wanna use a (ldap definded) user with
securemote, i get the following error message:
"No pre-shared secret defined for user"
on both, the client, and the firewalllog.

But the authentication method i want to use is:
"Internal Password", because i want to use the hybrid
mode... (according to my ldapsearch, the
authentications seems to be properly defined.
--> I have attached a testuser ldapseach output

The firewall (according to the debug of openldap)
querys the ldap server, and seems to find the user.
(If i use a non-existent user,  securemote complains
about an unknown user...)


Any help appreciated!
Michael



--------------testuser-----------------
# hallo, testgruppr, testme, at
dn: cn=hallo,ou=testgruppr,o=testme,c=at
cn: hallo
uid: hallo
sn: hallo
description: no value
mail: no value
fw1grouptemplate: TRUE
fw1expiration-date: 20011231
fw1auth-method: Internal Password
fw1userPwdPolicy: 0
fw1ISAKMP-EncMethod: DES
fw1ISAKMP-EncMethod: 3DES
fw1enc-methods: ISAKMP
fw1ISAKMP-HashMethods: MD5
fw1ISAKMP-HashMethods: SHA1
fw1ISAKMP-Transform: ESP
fw1ISAKMP-DataIntegrityMethod: SHA1
fw1ISAKMP-DataEncMethod: DES
fw1day: MON
fw1day: TUE
fw1day: WED
fw1day: THU
fw1day: FRI
fw1day: SAT
fw1day: SUN
fw1hour-range-from: 00:00
fw1hour-range-to: 23:59
fw1allowed-dst: Any
fw1allowed-src: Any
fw1sr-auth-track: cryptlog
fw1pwdlastmod: 20011205
userPassword:: e0NSWVBUfVJBWE9ZdS9GeFR0UFk=
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: fw1Person
fw1ISAKMP-AuthMethods: no value

__________________________________________________
Do You Yahoo!?
Buy the perfect holiday gifts at Yahoo! Shopping.
http://shopping.yahoo.com

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

References:
- Re: [FW-1] SecuRemote & UDP Encapsulation
  - From: Ivan More <[email protected]>

Prev by Date: [FW-1] PASV FTP on different port
Next by Date: Re: [FW-1] PASV FTP on different port
Previous by thread: Re: [FW-1] SecuRemote & UDP Encapsulation
Next by thread: Re: [FW-1] SecuRemote & UDP Encapsulation
Index(es):
- Date
- Thread