Hello<br><br>I am trying to get Freeradius to authenticate end-user
using Active Directory. The end-user will be using be there AD
username and password to login to network devices. Would some please
help me? I have embedded a copy of the debug log from the radius
server.<br>
<br>rad_recv: Access-Request packet from host <a href="http://192.168.168.252:1645/" target="_blank">192.168.168.252:1645</a>, id=94, length=92<br> User-Name = "svc-ldap-01@corp-test"<br> User-Password = "WindowsXP!"<br>
Service-Type = NAS-Prompt-User<br> NAS-IP-Address = 192.168.168.252<br> NAS-Port = 10<br> Calling-Station-Id = "192.168.168.194"<br> Processing the authorize section of radiusd.conf<br>
modcall: entering group authorize for request 0<br> modcall[authorize]: module "preprocess" returns ok for request 0<br> modcall[authorize]: module "chap" returns noop for request 0<br> modcall[authorize]: module "mschap" returns noop for request 0<br>
rlm_realm: Looking up realm "corp-test" for User-Name = "svc-ldap-01@corp-test"<br> rlm_realm: No such realm "corp-test"<br> modcall[authorize]: module "suffix" returns noop for request 0<br>
rlm_eap: No EAP-Message, not doing EAP<br> modcall[authorize]: module "eap" returns noop for request 0<br> users: Matched entry DEFAULT at line 152<br> modcall[authorize]: module "files" returns ok for request 0<br>
modcall: leaving group authorize (returns ok) for request 0<br> rad_check_password: Found Auth-Type System<br>auth: type "System"<br> Processing the authenticate section of radiusd.conf<br>modcall: entering group authenticate for request 0<br>
modcall[authenticate]: module "unix" returns notfound for request 0<br>modcall: leaving group authenticate (returns notfound) for request 0<br>auth: Failed to validate the user.<br>Delaying request 0 for 1 seconds<br>
Finished request 0<br>Going to the next request<br>--- Walking the entire request list ---<br>Waking up in 1 seconds...<br>--- Walking the entire request list ---<br>Waking up in 1 seconds...<br>--- Walking the entire request list ---<br>
Sending Access-Reject of id 94 to 192.168.168.252 port 1645<br>Waking up in 4 seconds...<br>--- Walking the entire request list ---<br>Cleaning up request 0 ID 94 with timestamp 4cbf5aee<br>Nothing to do. Sleeping until we see a request.<br>
rad_recv: Access-Request packet from host <a href="http://192.168.168.252:1645/" target="_blank">192.168.168.252:1645</a>, id=95, length=104<br> User-Name = "<a href="mailto:svc-ldap-01@corp-test.weather.com" target="_blank">svc-ldap-01@corp-test.weather.com</a>"<br>
User-Password = "WindowsXP!"<br> Service-Type = NAS-Prompt-User<br> NAS-IP-Address = 192.168.168.252<br> NAS-Port = 10<br> Calling-Station-Id = "192.168.168.194"<br>
Processing the authorize section of radiusd.conf<br>modcall: entering group authorize for request 1<br> modcall[authorize]: module "preprocess" returns ok for request 1<br> modcall[authorize]: module "chap" returns noop for request 1<br>
modcall[authorize]: module "mschap" returns noop for request 1<br> rlm_realm: Looking up realm "<a href="http://corp-test.weather.com/" target="_blank">corp-test.weather.com</a>" for User-Name = "<a href="mailto:svc-ldap-01@corp-test.weather.com" target="_blank">svc-ldap-01@corp-test.weather.com</a>"<br>
rlm_realm: No such realm "<a href="http://corp-test.weather.com/" target="_blank">corp-test.weather.com</a>"<br> modcall[authorize]: module "suffix" returns noop for request 1<br> rlm_eap: No EAP-Message, not doing EAP<br>
modcall[authorize]: module "eap" returns noop for request 1<br> users: Matched entry DEFAULT at line 152<br> modcall[authorize]: module "files" returns ok for request 1<br>modcall: leaving group authorize (returns ok) for request 1<br>
rad_check_password: Found Auth-Type System<br>auth: type "System"<br> Processing the authenticate section of radiusd.conf<br>modcall: entering group authenticate for request 1<br> modcall[authenticate]: module "unix" returns notfound for request 1<br>
modcall: leaving group authenticate (returns notfound) for request 1<br>auth: Failed to validate the user.<br>Delaying request 1 for 1 seconds<br>Finished request 1<br>Going to the next request<br>--- Walking the entire request list ---<br>
Waking up in 1 seconds...<br>--- Walking the entire request list ---<br>Waking up in 1 seconds...<br>--- Walking the entire request list ---<br>Sending Access-Reject of id 95 to 192.168.168.252 port 1645<br>Waking up in 4 seconds...<br>
--- Walking the entire request list ---<br>Cleaning up request 1 ID 95 with timestamp 4cbf5b25<br>Nothing to do. Sleeping until we see a request.