FreeRadius 1.1.4 and rlm_krb5 and Active Directory
Hi! I'm trying to configure freeradius with rlm_krb5 using mini howto from Enrik Berkhan http://archives.free.net.ph/message/20060104.153134.68c5be76.en.html , but i have some troubles. when i type radtest user@office.ru userpass localhost 10 testing123 i got: Sending Access-Request of id 145 to 127.0.0.1 port 1812 User-Name = "user@office.ru" User-Password = "userpass" NAS-IP-Address = 255.255.255.255 NAS-Port = 10 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=145, length=20 and radius log: Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 127.0.0.1:53441, id=145, length=105 User-Name = "user@office.ru" User-Password = "userpass" NAS-IP-Address = 255.255.255.255 NAS-Port = 10 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module "preprocess" returns ok for request 3 modcall[authorize]: module "chap" returns noop for request 3 modcall[authorize]: module "mschap" returns noop for request 3 rlm_realm: Looking up realm "office.ru" for User-Name = "user@office.ru" rlm_realm: No such realm "office.ru" modcall[authorize]: module "suffix" returns noop for request 3 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 3 users: Matched entry DEFAULT at line 152 modcall[authorize]: module "files" returns ok for request 3 rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. modcall[authorize]: module "pap" returns noop for request 3 modcall: leaving group authorize (returns ok) for request 3 rad_check_password: Found Auth-Type krb auth: type "krb" Processing the authenticate section of radiusd.conf modcall: entering group krb for request 3 rlm_krb5: Parsed name is: user@office.ru rlm_krb5: failed verify_user: Unknown error -1765328343 (user@office.ru ) modcall[authenticate]: module "krb5" returns reject for request 3 modcall: leaving group krb (returns reject) for request 3 auth: Failed to validate the user. Login incorrect: [user@office.ru/userpass] (from client localhost port 10) Delaying request 3 for 1 seconds Finished request 3 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 145 to 127.0.0.1 port 53441 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 3 ID 145 with timestamp 45e576ce Somebody has experience of such adjustment?
participants (1)
-
Kozlov Artem