Hi all. I trying deploy the environment beetween freeradius and samba4 for wireless network. The topology follow bellow. access point <----> freeradius server <-----> server samba4 I setting the access point for authenticate in freeradius server and freeradius using ldap e authenticate in samba4, but not work follow bellow log server freeradius: [suffix] No '@' in User-Name = "user", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[unix] returns notfound ++[files] returns noop [ldap] performing user authorization for user [ldap] expand: (&(objectClass=user)(sAMAccountName=%{User-Name})) -> (&(objectClass=user)(sAMAccountName=user)) [ldap] expand: dc=batlab,dc=corp -> dc=batlab,dc=corp [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] attempting LDAP reconnection [ldap] closing existing LDAP connection [ldap] (re)connect to 192.168.0.4:389, authentication 0 [ldap] bind as CN=freeradius,OU=noc,OU=batlab,DC=batlab,DC=corp/xxxx to 192.168.0.4:389 [ldap] waiting for bind result ... [ldap] Bind was successful [ldap] performing search in dc=batlab,dc=corp, with filter (&(objectClass=user)(sAMAccountName=user)) [ldap] ldap_search() failed: Operations error [ldap] search failed [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns fail Invalid user: [user/<no User-Password attribute>] (from client 192.168.0.200 port 0 cli 001f3a528f60) Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> user attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated I note this ldapsearch executed successfull # ldapsearch -LLL -h 192.168.0.4 -b dc=batlab,dc=corp -D user2@batlab.corp -W '(&(objectClass=user)(sAMAccountName=user))' dn: CN=user test,OU=noc,OU=batlab,DC=batlab,DC=corp objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user cn: user test instanceType: 4 whenCreated: 20130404161519.0Z displayName: user test uSNCreated: 3728 name: user test objectGUID:: x9uu1FOl70u8ovEwuZ72Rw== badPwdCount: 0 codePage: 0 countryCode: 0 badPasswordTime: 0 lastLogoff: 0 lastLogon: 0 primaryGroupID: 513 objectSid:: AQUAAAAAAAUVAAAA2w3N/Xfij4HyH/nmUQQAAA== accountExpires: 9223372036854775807 logonCount: 0 sAMAccountName: user sAMAccountType: 805306368 userPrincipalName: user@batlab.corp objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=batlab,DC=corp pwdLastSet: 130095657200000000 userAccountControl: 66048 memberOf: CN=Administrators,CN=Builtin,DC=batlab,DC=corp memberOf: CN=Domain Admins,CN=Users,DC=batlab,DC=corp memberOf: CN=Enterprise Admins,CN=Users,DC=batlab,DC=corp memberOf: CN=g_noc,OU=noc,OU=batlab,DC=batlab,DC=corp mail: user@batlab.ufms.br whenChanged: 20130427195156.0Z uSNChanged: 4204 distinguishedName: CN=user test,OU=noc,OU=batlab,DC=batlab,DC=corp I noticed that the ldap Samba4 does not possess the attribute user-password, is this the cause? My settings: Ubuntu Linux 12.04.2 Access Point: Linksys Cisco wrtp54g Any ideas. Regards