AW: AW: AW: AW: AW: Authenticating SSH login on a Cisco IOS switch to AD

Schaatsbergen, Chris Chris.Schaatsbergen at aleo-solar.de
Mon Feb 14 13:28:23 CET 2011


I think freeradius is a great piece of software and I will certainly continue to use it. I am also very happy with the great documentation that can be found, both the wiki and Alan's website are an awesome source of very good information. The support community here is also very active, which is a great thing.

But had someone with freeradius knowledge taken the time to look at the freeradius -X logs I (and David Dumortier) supplied with our questions, they would have seen the problem right away I suppose, in both our cases.

Probably there have been too many typical n00b users who asked questions after not following the (clear) documentation properly, but please understand we are not all like that.

This has caused me an enormous load of stress and has cost me about 3 days (and one night sleep), and I assume it has caused you a certain amount of stress as well, and it could have been so much more satisfying had it been checked just a little bit more.

Of course, you are not responsible for every package being produced and I do not know yet how this all works as I did not install our freeradius server myself (unfortunately). But in our cases, the users where not to blame, other than using an available and hopefully supported package.

I will have a new lenny server installed with just the 2.1.10 debian backport package on it (no older versions) to see if that comes with a proper radiusd.conf file. If so then my problem is caused by an older package being installed earlier and new users will not be bothered by it.

Again, I really think freeradius is a great piece of software, there is plenty of good documentation and it has an awesome support community here. So I will certainly continue to use freeradius as our authentication server. But please, if a user says he followed the instructions to the letter, give them the benefit of the doubt and see if something else is going wrong.


> -----Ursprüngliche Nachricht-----
> Von: freeradius-users-bounces+chris.schaatsbergen=aleo-
> solar.de at lists.freeradius.org [mailto:freeradius-users-
> bounces+chris.schaatsbergen=aleo-solar.de at lists.freeradius.org] Im
> Auftrag von Alan DeKok
> Gesendet: Montag, 14. Februar 2011 12:57
> An: FreeRadius users mailing list
> Betreff: Re: AW: AW: AW: AW: Authenticating SSH login on a Cisco IOS
> switch to AD
> 
> Schaatsbergen, Chris wrote:
> > That is clear, but it seems it is missing in the Lenny Package
> somehow as http://lists.freeradius.org/pipermail/freeradius-users/2011-
> January/msg00192.html has exactly the same problem as me, no modules
> folder being read causing the ntlm_auth not being recognized as module.
> 
>   <shrug>  I don't run Lenny, so I can't say any more.
> 
> > Where can I find a proper radiusd.conf?
> 
>   Have you tried the 2.1.10 "tar" file on freeradius.org?
> 
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list