On Jun 15, 2017, at 12:22 PM, Alejandro Cabrera Obed <aco1967@gmail.com> wrote:
Dear, we have a Freeradius 2.2.5 server in order to authenticate WiFi users from cell phones and notebooks.
In the case of cell phones, the users type the corresponding usernames and passwords and after that Freeradius passes it to the AD and everything works OK.
That's good.
In the case of the notebooks, the Windows users are logged into our DC domain, then they type the username or username@domain or domain\username with the corresponding passwords but in theses cases they can't authenticate against the AD (there is a reject message in the Freradius log).
So... what is the reject message? Please post the full debug output as suggested in the FAQ, "man" pages, wiki, and daily on this list.
In case they are not logged into the domain, and they are local users in the notebooks, if they type just their usernames (without domain) they authenticate OK.
That's good.
So how can I authenticate Windows users against the AD when they are logged into the domain??? Do I have to define a special directive in a config file from freeradius, winbind or samba?
It's not magic. But it DOES require that you read the debug output. Alan DeKok.