Michael, Try querying Active Directory with the "ldapsearch" utility. Here is an example. ldapsearch -LLL -h 1.2.3.4 -x -b 'dc=domain,dc=com' '(samaccountname=backops)' -D backops -w passofbackops This will make sure that the credentials are correct or not. Alhagie Puye - Network Engineer Datawave Group of Companies (604)295-1817
-----Original Message----- From: freeradius-users-bounces@lists.freeradius.org [mailto:freeradius-users-bounces@lists.freeradius.org] On Behalf Of Phil Mayers Sent: December 16, 2005 1:55 AM To: FreeRadius users mailing list Subject: Re: FreeRadius cannot Authenticate to Windows AD
Michael Calizo wrote:
Hi,
Same thing has happened, I still can not authenticate to WindowsAD. Same Error is displayed when i debug radiusd....
I put quotes arround password..
radtest user 'mypass' 192.168.1.1:1812 <http://192.168.1.1:1812> 1812 testing123 or radtest user 'mypass' 192.168.1.1:1812 <http://192.168.1.1:1812> 1812 testing123
What do you think is the problem? rlm_ldap: bind as cn=backops,cn=Admin,dc=domain,dc=com/passofbackops to 192.168.1.1:389 rlm_ldap: waiting for bind result ... rlm_ldap: LDAP login failed: check identity, password settings in ldap section of radiusd.conf
...that's pretty clear. The "identity"/"password" combo you have is wrong. Or AD thinks it's wrong. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This message (including any attachments) is confidential, may be privileged and is only intended for the person to whom it is addressed. If you have received it by mistake please notify the sender by return e-mail and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited. E-mail communications are inherently vulnerable to interception by unauthorized parties and are susceptible to change. We will use alternate communication means upon request.