Freeradius2.1.3 + Fedora9 + PEAP + AD = problem
Brett Littrell
Blittrell at musd.org
Wed Feb 16 17:22:21 CET 2011
Pretty new to FR as well but from what it looks like to me is your using Workstation login not user login. The portion
[suffix] No '@' in User-Name = "host/W400210.interoute.com", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 198 length 31
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication
may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
looks like your supplicant is sending workstation logins and your LDAP server is rejecting them. I don't know though, I am not a big log reader, I skim over them to find the error, I really need to get into them more:)
Brett Littrell
Network Manager
MUSD
CISSP, CCSP, CCVP, MCNE
>>> On Wednesday, February 16, 2011 at 1:38 AM, in message <1297849120978-3387353.post at n5.nabble.com>, lucky79 <lukas.hofrichtr at interoute.com> wrote:
Hi Alan,
Thanks for quick reply
I have read the log several times however nothing points me to the right
direction...thats why I posted a question here...
when I use username at domain.com I get access-reject as ntlm authentication
fails so from this point its working ok I guess. Also I dont think its a
certificate problem as I've got same results with linux / windows 7 clients.
>From the debug I see ntlm authentication went OK then EAP session does not
finish, but why this is happening? Do you think I am really facing the
certificate compatibility problem? Even its working fine with freeradius
1.1.7? I've tried to create a new one but same results...
Or have I missed anything else? Sorry FR 2.x.x is still new to me
Thanks
Lukas
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Freeradius2-1-3-Fedora9-PEAP-AD-problem-tp2780544p3387353.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110216/9d4620a6/attachment.html>
More information about the Freeradius-Users
mailing list