I need some help authenticating against AD. I have followed directions online as best as I can, but things still aren't working as expected.
These: http://deployingradius.com/documents/configuration/active_directory.html
I'm ultimately hoping to have our VPN users and admins logging into Cisco network equipment authenticate against AD through our FreeRADIUS 2 installation. Today, I have been testing authentication from one of Cisco switches, and I continually receive this basic output:
You are not authenticating against AD. You are authenticating against local system file: ...
Thu Nov 19 16:17:34 2009 : Info: ++[unix] returns updated ... Thu Nov 19 16:17:34 2009 : Info: [pap] login attempt with password "xxxx" Thu Nov 19 16:17:34 2009 : Info: [pap] Using CRYPT encryption. Thu Nov 19 16:17:34 2009 : Info: [pap] Passwords don't match
... and the password isn't correct.
I can't tell from this output if the RADIUS server is ever even attempting to reach AD.
It isn't.
Obviously, if I enter the correct password for my username on the RADIUS server itself, authentication will succeed, but this is not the desired behavior at this time.
Comment out unix in authorize then. If you follow the guide this will work with Auth-Type := ntlm_auth in users file. Ivan Kalik