Hi, I have configured & tested LDAP by radtest utility. ( Working fine ). My authorize section contains ldap & then eap. Not touched authenticate section. 1. Now I am trying to authenticate a client (windows) with back-end LDAP database using PEAP(mschap v2). Not able to authenticate. I have tested EAP-TLS, EAP-PEAP also with the same certificates ( working fine ). debugging log. http://pastebin.com/vcucS9YK I have cross checked the date & certificate validity also. Do we need some other settings ? Tell me if some other logs are needed. Regards
Prateek Kumar wrote:
1. Now I am trying to authenticate a client (windows) with back-end LDAP database using PEAP(mschap v2). Not able to authenticate. I have tested EAP-TLS, EAP-PEAP also with the same certificates ( working fine ).
debugging log.
Read it.
I have cross checked the date & certificate validity also. Do we need some other settings ?
The debug log points you to all the documentation you need. Alan DeKok.
Hi Alan, I have configured ldap in inner-tunnel authorize section & then mapped Cleartext-Password to userPassword := in ldap.attr file. Then I can authenticate the user with TLS/PEAP-MSCAHPv2 as I have cleartext password configured in my openldap server. Is that ok. Or some other things else also need need to be configured for deployment environment ?. Regards, On Fri, Jun 15, 2012 at 8:30 PM, Alan DeKok <aland@deployingradius.com>wrote:
Prateek Kumar wrote:
1. Now I am trying to authenticate a client (windows) with back-end LDAP database using PEAP(mschap v2). Not able to authenticate. I have tested EAP-TLS, EAP-PEAP also with the same certificates ( working fine ).
debugging log.
Read it.
I have cross checked the date & certificate validity also. Do we need some other settings ?
The debug log points you to all the documentation you need.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (2)
-
Alan DeKok -
Prateek Kumar