Freeradius +LDAP + Active Directory + Authenticate Only questions
Alan DeKok
aland at deployingradius.com
Fri Jan 18 10:05:22 CET 2008
William Segura wrote:
> I am trying to setup Freeradius to authenticate against an active
> directory server.
Only "bind as user" will work, and even then not always.
> Here are the relevant files:
Please do not post configuration files to the list.
> Radius Log:
...
> rad_recv: Access-Request packet from host 127.0.0.1:35655, id=159,
> length=58
> User-Name = "user1"
> User-Password = "\204\016V\332\226\325\007\347\254Hm\262}B\321M"
Your shared secret is wrong. Fix it.
> modcall[authorize]: module "preprocess" returns ok for request 0
> rlm_pap: WARNING! No "known good" password found for the user.
> Authentication may fail because of this.
> modcall[authorize]: module "pap" returns noop for request 0
You have re-ordered the modules in the "authorize" section. Why? Do
you understand what the PAP module does?
> rlm_ldap: Bind failed with invalid credentials
Because the password was wrong. The password *should* be visible in
debugging mode. It should NOT be binary garbage.
> auth: Failed to validate the user.
> WARNING: Unprintable characters in the password. ? Double-check the
> shared secret on the server and the NAS!
Perhaps this message might be useful. Did you read it? Did you
follow it's instructions?
Alan DeKok.
More information about the Freeradius-Users
mailing list