question about windows users

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Mon May 18 16:28:31 CEST 2009


Hi,

> ok (you guys propably hate me :) but please could you still give me the
> answers as you did before)
> but back to the subject:
> I did like you said,
> I installed 2.0.4 version (compiled using suggestions from:
> http://www.fatofthelan.com/articles/articles.php?pid=27
> http://www.linuxinsight.com/building-debian-freeradius-package-with-eap-tls-ttls-peap-support.html)

you are using an old version, you are using random 3rd party instructions
of dubious dates and knowledge.

> first one:
> when I open properites of client certificate on XP using mmc-certificates
> console I have the information that "Windows doesnt have enough information
> to verify this certificate" "You have proper private key to this
> certificate" (it is non-english system so its translation but I think
> translation is ok)

this means you didnt install the CA - ensure you've added it to the trusted CA list
in the system - use the certificate MMC Snapin.

> second one:

original packet has this:

>         User-Name = "user at example.com"

this is then proxied to the system handling example.com:

>     rlm_realm: Looking up realm "example.com" for User-Name = "
> user at example.com"
>     rlm_realm: Found realm "example.com"
>     rlm_realm: Adding Stripped-User-Name = "user"
>     rlm_realm: Adding Realm = "example.com"
>     rlm_realm: Proxying request from user user to realm example.com
>     rlm_realm: Preparing to proxy authentication request to realm "
> example.com"
> ++[suffix] returns updated

..which then says this:

> rlm_eap: Identity does not match User-Name, setting from EAP Identity.
>   rlm_eap: Failed in handler

so..somewhere along the line you are playing with the User-Name attribute...something
which you cannot do with EAP - if you take a standard 2.1.6 install and make the basic changes
to your eap.conf and clients.conf it will work.

alan



More information about the Freeradius-Users mailing list