Bug 57773 - Broken EAP-TTLS FreeRADIUS configuration
Summary: Broken EAP-TTLS FreeRADIUS configuration
Status: NEW
Alias: None
Product: UCS
Classification: Unclassified
Component: Radius
Version: UCS 5.2
Hardware: Other Linux
: P5 normal
Target Milestone: ---
Assignee: UCS maintainers
QA Contact: UCS maintainers
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-11-26 16:09 CET by Marius Meschter
Modified: 2024-11-28 14:00 CET (History)
2 users (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marius Meschter univentionstaff 2024-11-26 16:09:09 CET 
Enabling EAP-TTLS with the UCRVs
ucr set freeradius/conf/auth-type/mschap=no
ucr set freeradius/conf/auth-type/ttls=yes
prevents FreeRADIUS from starting. This is due to a broken configuration file `/etc/freeradius/3.0/mods-enabled/eap`
If the config file is fixed by hand EAP-TTLS with PAP still fails due to broken ldap filters 
`Auth: (1) Invalid user (ldap: Unable to create filter):`