freeradius compiled version (lastest) against active directoryauthentication
tnt at kalik.net
tnt at kalik.net
Tue Sep 30 17:47:30 CEST 2008
> Have you tried my web site (deployingradius.com) ? It has a
>"howto"
>for configuring authentication against Active Directory.
>
>i all ready read it and he does not work
>
>
>check it out the output
>
>------------------------------------
>
>
>Listening on authentication address * port 1812
>Listening on accounting address * port 1813
>Listening on proxy address * port 1814
>Ready to process requests.
>rad_recv: Access-Request packet from host 127.0.0.1 port 49964, id=37, length=72
> User-Name = "luis"
> User-Password = "x"
> NAS-IP-Address = xx.xx.xx.x
> NAS-Port = 0
This is a pap request. ntlm_auth is configured in mschap. Send an mschap
request. Or configure ldap "bind as user" if you are going to have pap
requests.
>
>
>
>-------------------
>and also when i remplace
>DEFAULT Auth-Type = System
>
>i get this message .
>
..
>Found Auth-Type = System
>+- entering group authenticate {...}
>[unix] invalid password "luis"
>++[unix] returns reject
>Failed to authenticate the user.
That is OK. user "luis" was found but password was wrong. But it looks
like (I still can't figure out what is it that you want to do) you
don't actually want to authenticate against local users but AD.
So what do you want to do:
- authenticate against AD?
- or against users of the local system?
- or both?
What type of requests are you going to recieve:
- pap?
- mschap (PEAP)?
- both?
Ivan Kalik
Kalik Informatika ISP
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list