problem migrating to freeradius2 with LDAP/krb5 Authorization/Authentication
Riccardo Veraldi
Riccardo.Veraldi at cnaf.infn.it
Mon Jun 21 23:51:55 CEST 2010
Alan DeKok wrote:
> Riccardo Veraldi wrote:
>
>> radtest "user at myrealm.org" "password" localhost 10 testing123
>>
> ...
>
>> [root at radius ~]# kinit user
>> Password for user at MYREALMG.ORG:
>>
>
> The realm names are different. Is this intentional?
>
> Try placing the name && password into a text file. Cut & paste them
> into radtest, and into kinit. That way you'll know that you're testing
> the same thing.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
yes it is intentional... it is my mistake when I obscured my real domain
and IP Addresses.
Actually there must be something wrong with the kerberos configuration
in the krb5.keytab
because I keep getting "wrong principal" error, so it is not freeradius2
configuration fault in my opinion,
neverless I don't understand what is wrong with kerberos since I added
the radius server to the KDC
configuration correctly...
Using only LDAP works flawlessy, when I add Auth-Type := kerberos it
does not work anymore...
Rick
More information about the Freeradius-Users
mailing list