AD Authentication + radius + foundryAP

Alan DeKok aland at deployingradius.com
Tue May 17 20:43:27 CEST 2011


Mark Pipkin wrote:
> was highlighted in read. To you it might be obvious what this means.  To
> me, I don't really understand it, except that later one in the debug I
> get :

  You're supposed to read the output.  Only looking at *part* of it
means you can only solve *part* of the problem.

  Here's the key pieces of your original post:

...
pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/leap
[eap] processing type leap
rlm_eap_leap: No Cleartext-Password or NT-Password configured for this user
...

  What does that look like to you?

  Are the debug messages helpful?

  Do they accurately describe the problem, and give you hints for the
solution?

> I don't know much about FreeRadius.  I have never had to work with a
> radius server of any type before.  I do apologize, but while this stuff
> might be obvious to someone that created it or works in radius servers
> every day of the week, I am not that person.  So to me, the only obvious
> thing is that I get rejected at leap, while another radius server that
> is running FreeRadius 1.x on Getoo is working just find with mschapv2.

  The PC is choosing LEAP, not FreeRADIUS.

  Configure the PC to use LEAP, as was suggested in *another* response
to your post.

  Alan DeKok.



More information about the Freeradius-Users mailing list