freeradius active directory integration fails with "no such realm"

Andrei-Florian Staicu andrei.staicu at gmail.com
Mon Jul 6 19:09:32 CEST 2009


Hello all,

I tried to configure freeradius 2.0.4 on debian 5.0.2 (after recompiling 
with openssl support, as instructed in the debian readme) for 
authenticating wireless connections with wpa2-enterprise, using active 
directory user/password (windows xp as clients, d-link dwl 2200ap as ap's).
I followed the how-to from 
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO, 
but somehow I seem to fail.
I know I should post here the configurations and the output of 
freeradius -X, but they are very long and I don't know what I should 
select.

One thing stands out though in the output of freeradius -X (only after 
changing the order of suffix and ntdomain in sites-available/default and 
radiusd.conf):
++[mschap] returns noop
rlm_realm: Looking up realm "IPSO0" for User-Name = "IPSO0\andrei.staicu"
rlm_realm: No such realm "IPSO0"
++[ntdomain] returns noop
rlm_realm: No '@' in User-Name = "IPSO0\andrei.staicu", looking up realm NULL
rlm_realm: No such realm "NULL"

IPSO0 is the realm name for the domain ipso.biz (not the public site; 
this is internal and resolved as such by our dns).
I've tried for about two weeks now, but I still have no idea how to 
define the realm IPSO0.

ntlm_auth works on that server:
ntlm_auth --request-nt-key --username andrei.staicu --domain IPSO0
password:
NT_STATUS_OK: Success (0x0)
(note on this: using ntlm_auth --request-nt-key --domain=<your domain> 
--username= <your username> as in the howto doesn't seem to work, but 
ntlm_auth --request-nt-key --domain <your domain> --username <your 
username> works)

Could you give me some pointers on how to continue? I've run out of 
options with this one. If all the configuration files and all the output 
of freeradius -X are required, I'll post them in a pastebin and link here.

Thanks in advance


