New User and AD Question

McNutt, Justin M. McNuttJ at missouri.edu
Mon Feb 28 21:42:24 CET 2011


Should I post the debug log here, or a pastebin, or...?

--J 

> -----Original Message-----
> From: 
> freeradius-users-bounces+mcnuttj=missouri.edu at lists.freeradius
> .org 
> [mailto:freeradius-users-bounces+mcnuttj=missouri.edu at lists.fr
> eeradius.org] On Behalf Of Alan DeKok
> Sent: Sunday, February 27, 2011 1:51 PM
> To: FreeRadius users mailing list
> Subject: Re: New User and AD Question
> 
> McNutt, Justin M. wrote:
> > New member to the list, here.  I have a question about AD 
> computer-based
> > authentication.  Basically, how is it accomplished?
> 
> http://deployingradius.com/documents/configuration/active_dire
> ctory.html
> 
>   It's pretty much the same as normal user authentication.  PEAP goes
> in, authentication goes out, never a miscommunication. :)
> 
> > The EAP functions for clients using EAP-TTLS and EAP-PEAP 
> work just fine
> > for all users in all domains (authenticated via ntlm_auth) 
> EXCEPT for
> > the "host\\computer.domain.name" users (the computer accounts).  I'd
> > like to make this work, partly because a large number of the failed
> > login attempts in my logs are from hosts that are valid 
> domain members.
> 
>   So... what goes wrong?
> 
> > Sooo... help?  What's the basic idea behind making this work?
> 
>   Post the debug log from a failed session.
> 
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
> 



More information about the Freeradius-Users mailing list