Connecting the dots.

Lance Haig Lance.Haig at forward.co.uk
Thu Sep 16 09:31:53 CEST 2010


Hi Alan,

Thanks for the response.

We do know about the samba update and it was the first thing I check when
the system broke. We have about 400 ubuntu vm's running on our environment
and we have not yet updated our corporate repo with this update as we have
not tested it yet.

I checked the winbindd_privileged directory and it has the correct file
permissions 

I want to add to me original post to the list in that this server was not
originally configured by myself and the original person created a monolithic
radiusd.conf file with all the settings in the one file this is making it
difficult to match the settings to the docs. Hence my question about how the
docs match to the new conf files.

Freeradius -X and -Xx have not highlighted anything suspicious that I
believe is different to what was being logged there before.

The reason for the new server build is so that I can understand how
freeradius works and specifically how it will work with AD as a backend.

I have been able to get the server connecting to AD and authing me against
it as per one of my other posts to the list.

I am just not sure I have done this correctly as the auth request fails when
I try to connect using my laptop. (we mostly have mac's in this office)

This is against my new server by the way.

This is what led me to copntact the list to see how the docs match the new
config as I have seen

=================================

Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.210.4 port 32768, id=187,
length=205
        User-Name = "Lance.Haig"
        Calling-Station-Id = "00-26-08-e8-c9-85"
        Called-Station-Id = "00-1b-8f-8a-d8-90:LNH"
        NAS-Port = 13
        NAS-IP-Address = 10.0.210.4
        NAS-Identifier = "FWDWLC"
        Airespace-Wlan-Id = 4
        Service-Type = Framed-User
        Framed-MTU = 1300
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x0207002b19001703010020520cb27842380dee8600973e5967661e03fab0689f23a28f27cb
78dce34bfcc5
        State = 0x47419e384246876f90468b6b37412030
        Message-Authenticator = 0x4bb2d4d267947887f5bcb88b9c8dfbb2
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "Lance.Haig", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 43
[eap] Continuing tunnel setup.

==================================================


Which leads me to believe that the REALMS config is not working properly.

And I cant find instructions on what to check to make sure this is the case.

Apologies for rambling on a bit.

Lance





More information about the Freeradius-Users mailing list