Beating a dead horse, or freeradius 2.1.1 and active directory
Ben Little
BLittle at skylight.com
Wed Dec 3 23:50:17 CET 2008
Well that's certainly news to me...
# net ads testjoin
Join is OK
:-)
Just so you know I'm *NOT* trying to configure 802.1x suplicant authentication here, I'm trying to configure radius authentication for administrative access to the vty lines of the cisco equipment in question. I've followed the "how-to" twice now, to the letter of the how-to and it's not working. Did you see the response that suggested that it may not be possible for this to work since the mschap implementation from Cisco is not supported in freeradius?
[from eap.conf]
# This module is the *Microsoft* implementation of MS-CHAPv2
# in EAP. There is another (incompatible) implementation
# of MS-CHAPv2 in EAP by Cisco, which FreeRADIUS does not
# currently support.
Just so you know, windows authentication is working on the tty of the server in question, I can log in as a windoze luser all day long on this particular server which would indicate to me that samba is indeed working just fine.
>
> No. freeradius is working fine. Samba isn't. Try posting your
> question on their list. That reply suggests that Samba
> machine wasn't joined to the domain.
>
More information about the Freeradius-Users
mailing list