Windows XP hangs forever during PEAP auth on freeradius withwinbind/AD backend

tnt at kalik.net tnt at kalik.net
Fri Apr 3 00:41:01 CEST 2009


>I am trying to setup freeradius so that hosts running windows XP/SP2
>can be authenticated via .1x. when plugged in to a 3Com 3226 switch.
>The freeradius server version is 2.1.4, built from source, I added SSL
>libraries since Debian's deb for freeradius doesn't ship with them. My
>server is running Debian Lenny.
>
>I am using winbind to provide authentication services to Windows AD 2003/sp2.
>
>I am following the directions posted on the freeradius wiki (which is
>a bit out of date btw)
>
>http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
>
>
>I can list domain users via wbinfo -u and getent passwd.
>
>and doing
>
>wbinfo -a raduser%testing123 yields
>
>plaintext password authentication succeeded
>challenge/response password authentication succeeded
>
> ntlm_auth --request-nt-key --domain=VANGUARD --username=raduser
>password:
>NT_STATUS_OK: Success (0x0)
>
>However doing radtest fails, but read on before you jump to conclusions...
>

Let's not. Updated howto is on:

http://deployingradius.com/documents/configuration/active_directory.html

Have you imported CA certificate (ca.der) onto the client?

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list