Freeradius + Active Directory

Rashard Roberts grroberts at gmail.com
Wed Oct 20 23:38:30 CEST 2010


Hello

I am trying to get Freeradius to authenticate end-user using Active
Directory.  The end-user will be using be there AD username and password to
login to network devices.  Would some please help me?  I have embedded a
copy of the debug log from the radius server.

rad_recv: Access-Request packet from host 192.168.168.252:1645, id=94,
length=92
        User-Name = "svc-ldap-01 at corp-test"
        User-Password = "WindowsXP!"
        Service-Type = NAS-Prompt-User
        NAS-IP-Address = 192.168.168.252
        NAS-Port = 10
        Calling-Station-Id = "192.168.168.194"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: Looking up realm "corp-test" for User-Name =
"svc-ldap-01 at corp-test"
    rlm_realm: No such realm "corp-test"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
    users: Matched entry DEFAULT at line 152
  modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
  rad_check_password:  Found Auth-Type System
auth: type "System"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
  modcall[authenticate]: module "unix" returns notfound for request 0
modcall: leaving group authenticate (returns notfound) for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 94 to 192.168.168.252 port 1645
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 94 with timestamp 4cbf5aee
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 192.168.168.252:1645, id=95,
length=104
        User-Name = "svc-ldap-01 at corp-test.weather.com"
        User-Password = "WindowsXP!"
        Service-Type = NAS-Prompt-User
        NAS-IP-Address = 192.168.168.252
        NAS-Port = 10
        Calling-Station-Id = "192.168.168.194"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: Looking up realm "corp-test.weather.com" for User-Name = "
svc-ldap-01 at corp-test.weather.com"
    rlm_realm: No such realm "corp-test.weather.com"
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 1
    users: Matched entry DEFAULT at line 152
  modcall[authorize]: module "files" returns ok for request 1
modcall: leaving group authorize (returns ok) for request 1
  rad_check_password:  Found Auth-Type System
auth: type "System"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
  modcall[authenticate]: module "unix" returns notfound for request 1
modcall: leaving group authenticate (returns notfound) for request 1
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 95 to 192.168.168.252 port 1645
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 95 with timestamp 4cbf5b25
Nothing to do.  Sleeping until we see a request.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20101020/9e79be28/attachment.html>


More information about the Freeradius-Devel mailing list