Authenticate users via AD and checking group membership:SOLVED

Godfrey Peart grpeart at googlemail.com
Sun Jan 18 23:55:19 CET 2009 

Thanks for that, can now see attributes being received by my NAS

Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established.  Decoding tunneled attributes.
[peap] Received EAP-TLV response.
[peap] Success
[peap] Using saved attributes from the original Access-Accept
[eap] Freeing handler
++[eap] returns ok
+- entering group post-auth {...}
[sql]   expand: %{User-Name} -> radman02
[sql] sql_set_user escaped user --> 'radman02'
[sql]   expand: %{User-Password} ->
[sql]   expand: %{Chap-Password} ->
[sql]   expand: INSERT INTO radpostauth                           (username,
pass, reply, authdate)                           VALUES
(                           '%{User-Name}',

'%{%{User-Password}:-%{Chap-Password}}',
'%{reply:Packet-Type}', '%S') -> INSERT INTO
radpostauth                           (us
ername, pass, reply, authdate)                           VALUES
(                           'radman02',
'',                           'Access-Accept', '
2009-01-18 22:43:47')
rlm_sql (sql) in sql_postauth: query is INSERT INTO
radpostauth                           (username, pass, reply,
authdate)                           VALUES (
       'radman02',                           '',
'Access-Accept', '2009-01-18 22:43:47')
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql (sql): Released sql socket id: 1
++[sql] returns ok
++[exec] returns noop
Sending Access-Accept of id 180 to 140.97.3.29 port 1645
        Tunnel-Medium-Type:0 = IEEE-802
        Tunnel-Private-Group-Id:0 = "staff"
        Tunnel-Type:0 = VLAN
        User-Name = "radman02"
        MS-MPPE-Recv-Key =
0x467fedcc7b18167ddb432067c80db040b838295c47071a357e2d53785a2d2968
        MS-MPPE-Send-Key =
0x8e6e1ce87235db5f65d5b7fdee69157be77cd18cd311416462dc1194e325de8f
        EAP-Message = 0x030c0004
        Message-Authenticator = 0x00000000000000000000000000000000
Finished request 22.
Going to the next request
Waking up in 4.6 seconds.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090118/70de038b/attachment.html>

More information about the Freeradius-Users mailing list