<div dir="ltr">Hi Nicolas,<div><br></div><div>I browsed a little of your error and your conf files to notice you are still missing a LOT of bits of a standard freeradius configuration to connect to an AD. mschap encryptition strength, configuration of EAP tunnels and protocols, actual domain not defined in FreeRadius/proxy.conf, and then not yet VLANs (ok, not probably at this time of the game, but you eventually will get there).</div>
<div><br></div><div>You would better search and use in freeradius and Janet for tutorials about configuring RADIUS for AD. It is not as simples as tweaking the config files. </div><div><br></div><div>About the certificates, I hope you dont use the current ones in production, as you just published them to the world at large.</div>
<div><br></div><div>One last note, 2.1.12 FreeRadius has serious bugs working with AD (it works, but crashes a lot). I would recommend at least 2.2.5 or going directly to version 3.x.</div><div><br></div><div>Regards,</div>
<div>Rui Ribeiro<br><div class="gmail_extra"><br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <br>
Message: 2<br>
Date: Wed, 13 Aug 2014 10:58:31 +0200<br>
From: <a href="mailto:nfischer@hush.com">nfischer@hush.com</a><br>
To: <a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a><br>
Subject: freeRADIUS -> AD Auth (<100kb)<br>
Message-ID: <<a href="mailto:20140813085831.79D2B60960@smtp.hushmail.com">20140813085831.79D2B60960@smtp.hushmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Hi there!<br>
<br>
I have a problem with the auth against an Active Directory.<br>
I would be very thankfull if you could help me.<br>
<br>
Im tring to setup an WiFi Network where the Useres can auth with their<br>
AD Useraccs,<br>
<br>
Setup:<br>
WiFi-Router with DD-WRT<br>
Ubuntu 10.04LTS with FreeRADIUS kerberus samba etc.<br>
AD at a Windows Server 2008 SBS (Total mess never install it!)<br>
<br>
The communicatuion W-Lan Client->Router->FreeRADIUS runs.<br>
The Ubuntu Server is in the Domain, wbinfo -u gives me all Users.<br>
The auth via NTLM_AUTH runns too:<br>
/etc/freeradius$ ntlm_auth --request-nt-key --domain=DOMAINNAME<br>
--username=USERNAME<br>
Password:<br>
NT_STATUS_OK: Success (0x0)<br>
<br>
I think just FreeRADIUS is configured wrong.<br>
The auth fails, respectively does not take place.<br>
<br>
I put the config files and the freeradius -X output in the attachment.<br>
(I removed a few unimportant configfiles to not hit the 100kb limit of<br>
this mailinglist.)<br>
<br>
Many thanks in advance!<br></blockquote></div></div></div></div>