New User and AD Question
McNutt, Justin M.
McNuttJ at missouri.edu
Mon Feb 28 21:42:24 CET 2011
Should I post the debug log here, or a pastebin, or...?
--J
> -----Original Message-----
> From:
> freeradius-users-bounces+mcnuttj=missouri.edu at lists.freeradius
> .org
> [mailto:freeradius-users-bounces+mcnuttj=missouri.edu at lists.fr
> eeradius.org] On Behalf Of Alan DeKok
> Sent: Sunday, February 27, 2011 1:51 PM
> To: FreeRadius users mailing list
> Subject: Re: New User and AD Question
>
> McNutt, Justin M. wrote:
> > New member to the list, here. I have a question about AD
> computer-based
> > authentication. Basically, how is it accomplished?
>
> http://deployingradius.com/documents/configuration/active_dire
> ctory.html
>
> It's pretty much the same as normal user authentication. PEAP goes
> in, authentication goes out, never a miscommunication. :)
>
> > The EAP functions for clients using EAP-TTLS and EAP-PEAP
> work just fine
> > for all users in all domains (authenticated via ntlm_auth)
> EXCEPT for
> > the "host\\computer.domain.name" users (the computer accounts). I'd
> > like to make this work, partly because a large number of the failed
> > login attempts in my logs are from hosts that are valid
> domain members.
>
> So... what goes wrong?
>
> > Sooo... help? What's the basic idea behind making this work?
>
> Post the debug log from a failed session.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list