<span style="font-family: Arial; font-size: 13px;">Hi thanks for your reply.<br><br>I followed a couple of tutorials but they don´t work for me.<br>Do you know a good one?<br>I don´t want to use VLANs at this point.<br><br>I have a question for the FreeRadius/proxy.conf<br>what sould it look like?<br><br>realm DOMAINNAME {<br> authhost = DomainControler.OBLAN.LOCAL:1600<br> accthost = DomainControler.OBLAN.LOCAL:1601<br> secret = testing123<br>}<br><br>BTW: the Domain is named oblan.local does this cause a problem?<br><br>I will use the company certs later.<br><br>Another question:<br>I have deactivated the service RAS&Routing on the DC.<br>I that <span id="result_box" class="short_text" lang="en"><span class="hps">necessary for freeRADIUS?</span></span><br><br>-- <br>
Mit freundlichem Gruß<br>
Nicolas Fischer<br><blockquote style="border-left:solid 1px #ccc;margin-left:10px;padding-left:10px;"><div dir="ltr">Hi Nicolas,<div><br></div><div>I browsed a little of your error and your conf files to notice you are still missing a LOT of bits of a standard freeradius configuration to connect to an AD. mschap encryptition strength, configuration of EAP tunnels and protocols, actual domain not defined in FreeRadius/proxy.conf, and then not yet VLANs (ok, not probably at this time of the game, but you eventually will get there).</div>
<div><br></div><div>You would better search and use in freeradius and Janet for tutorials about configuring RADIUS for AD. It is not as simples as tweaking the config files. </div><div><br></div><div>About the certificates, I hope you dont use the current ones in production, as you just published them to the world at large.</div>
<div><br></div><div>One last note, 2.1.12 FreeRadius has serious bugs working with AD (it works, but crashes a lot). I would recommend at least 2.2.5 or going directly to version 3.x.</div><div><br></div><div>Regards,</div>
<div>Rui Ribeiro<br><div class="gmail_extra"><br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left:1px #ccc solid;padding-left:1ex;margin:0 0 0 .8ex;"> <br>
Message: 2<br>
Date: Wed, 13 Aug 2014 10:58:31 +0200<br>
From: <a>nfischer@hush.com</a><br>
To: <a>freeradius-users@lists.freeradius.org</a><br>
Subject: freeRADIUS -> AD Auth (<100kb)<br>
Message-ID: <<a>20140813085831.79D2B60960@smtp.hushmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Hi there!<br>
<br>
I have a problem with the auth against an Active Directory.<br>
I would be very thankfull if you could help me.<br>
<br>
Im tring to setup an WiFi Network where the Useres can auth with their<br>
AD Useraccs,<br>
<br>
Setup:<br>
WiFi-Router with DD-WRT<br>
Ubuntu 10.04LTS with FreeRADIUS kerberus samba etc.<br>
AD at a Windows Server 2008 SBS (Total mess never install it!)<br>
<br>
The communicatuion W-Lan Client->Router->FreeRADIUS runs.<br>
The Ubuntu Server is in the Domain, wbinfo -u gives me all Users.<br>
The auth via NTLM_AUTH runns too:<br>
/etc/freeradius$ ntlm_auth --request-nt-key --domain=DOMAINNAME<br>
--username=USERNAME<br>
Password:<br>
NT_STATUS_OK: Success (0x0)<br>
<br>
I think just FreeRADIUS is configured wrong.<br>
The auth fails, respectively does not take place.<br>
<br>
I put the config files and the freeradius -X output in the attachment.<br>
(I removed a few unimportant configfiles to not hit the 100kb limit of<br>
this mailinglist.)<br>
<br>
Many thanks in advance!<br></blockquote></div></div></div></div></blockquote></span>