Fwd: FR + AD + Vlans + LDAP help
Alan DeKok
aland at deployingradius.com
Tue Apr 17 07:31:47 CEST 2007
Jacob Jarick wrote:
> Im not sure what is happening atm, the wireless client trys to
> authenticate but fails.
>
> radiusd -X -A output: http://pastebin.ca/444005
The debug output shows an error message from ntlm_auth. Fix that.
> Now I am still asumming radius can auth against ADS using ldap (am I
> wrong or right there ppl),
No. This comes up a lot, and the answer is always the same. LDAP
servers don't do authentication. They're databases. FreeRADIUS is an
authentication server, not a database. And Active Directory is barely
an LDAP server. You can query it for *some* information, but not for
passwords.
That's what ntlm_auth has to be used.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list