802.1x on Active Directory: no errors in debug but auth fails
Brett Littrell
Blittrell at musd.org
Tue Feb 8 16:20:55 CET 2011
I do not recall FR 2.11 default working with Windows so I followed the instructions from the link I posted and it started to work after that; of course I am using a LDAP back end not AD directly. I can and do authenticate Windows XP SP3 no problem against FR, but as I said it is with an LDAP back end, maybe an AD backend is a bit different.
Good luck on it either way, you will eventually find your way there I am sure:)
Brett Littrell
Network Manager
MUSD
CISSP, CCSP, CCVP, MCNE
>>> On Tuesday, February 08, 2011 at 3:16 AM, in message <00ad01cbc781$94f25850$bed708f0$@it>, Domenico Viggiani <dviggiani at tiscali.it> wrote:
Brett Littrell wrote:
>
> Not sure if your just having issues with the OID or something else,
> but I found the thread really helped to fix cert issues I > had.
http://lists.cistron.nl/pipermail/freeradius-users/2006-October/msg00515.htm
l
> I used the MS cert server as described in this listing as well as used our
Novell
> Cert server and both worked for issuing a Cert that MS clients will
accept.
> I am sure OpenSSL can do it to just never looked far enough into it to see
the exact syntax
Thanks but I think that recent versions of Freeradius contains a certs
generation script that provide "test" certificates with all OIDs needed.
Or am I wrong?
I'm currently still unable to authenticate a XP SP3 client to FR by Active
Directory.
Regards
--
DV
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110208/d1bbe541/attachment.html>
More information about the Freeradius-Users
mailing list