freeradius with active directory

David N'DAKPAZE lndakpaze at gmail.com
Mon Apr 27 19:27:33 CEST 2009


Yes it is ntlm_auth for ms-chap i have confofigured but i still have the
same response.Idon't know why.

2009/4/27 bastardinho69 <bastardinho69 at gmail.com>

> David N'DAKPAZE wrote:
>
>> hello,
>> I am configuring freeradius for authentication with active directory.I've
>> used http://deployingradius.com/documents/configuration/active_directory but freeradius reject all the requests because of no known password.It what
>> i have when i make a request:
>>  Ready to process requests.
>> rad_recv: Access-Request packet from host 127.0.0.1 port 51084, id=198,
>> length=61
>>        User-Name = "azerty"
>>        User-Password = "uiop"
>>        NAS-IP-Address = 127.0.0.1
>>        NAS-Port = 0
>> +- entering group authorize {...}
>> ++[preprocess] returns ok
>> ++[chap] returns noop
>> [suffix] No '@' <mailto:%27@%27> in User-Name = "azerty", looking up
>> realm NULL
>> [suffix] No such realm "NULL"
>> ++[suffix] returns noop
>> ++[files] returns noop
>> ++[expiration] returns noop
>> ++[logintime] returns noop
>> [pap] WARNING! No "known good" password found for the user.
>>  Authentication may fail because of this.
>> ++[pap] returns noop
>> No authenticate method (Auth-Type) configuration found for the request:
>> Rejecting the user
>> Failed to authenticate the user.
>> Login incorrect: [azerty/uiop] (from client localhost port 0)
>> Using Post-Auth-Type Reject
>> +- entering group REJECT {...}
>> [attr_filter.access_reject]     expand: %{User-Name} -> azerty
>> attr_filter: Matched entry DEFAULT at line 11
>> ++[attr_filter.access_reject] returns updated
>> Delaying reject of request 0 for 1 seconds
>> Going to the next request
>> Waking up in 0.9 seconds.
>> Sending delayed reject for request 0
>> Sending Access-Reject of id 198 to 127.0.0.1 port 51084
>> Waking up in 4.9 seconds.
>> Cleaning up request 0 ID 198 with timestamp +27
>>  Thanks for your help
>> ------------------------------------------------------------------------
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
> As far as i know, u should use mschap to authenticate against AD ;)
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090427/6c9d1066/attachment.html>


More information about the Freeradius-Users mailing list