Alexandros Gougousoudis wrote:
A host-based authentification for my workstations. All the names of the workstations are in LDAP, the authentification itself should be done with EAP-TLS. I would like to have a hint, how to start EAP when the LDAP-Query was successfull.
You don't. Instead, do reject the user if the LDAP query failed.
The LDAP-Query works I think, FR says: [ldap] user scit-beerchen authorized to use remote access, but then it tries to make some kind of password authentification (I have no password for workstations in LDAP), and is not starting EAP-TLS. The asking host "scit-beerchen" is in the WLAN-User Group.
What could I do?
Read the debug log you posted to the list. You're forcing Auth-Type, and using ntlm_auth for EAP-TLS. This is wrong. Don't force Auth-Type. Alan DeKok.