Help PLease

Adam Schappell aschappell at clearedgeit.com
Tue Mar 31 15:33:13 CEST 2015


Holy smokes! I got it working! Thank you everyone for your help and dealing
with my annoyingness. I integrated the ntlm_auth this morning and got
everything working with the Ubiquiti AP's.



Adam Schappell
System Administrator II
Clearedge IT Solutions, LLC
10620 Guilford Road
Jessup, MD 20794
Office:443-212-4712
Fax:443-212-4809
www.ClearEdgeIT.com <http://www.clearedgeit.com/>


On Mon, Mar 30, 2015 at 5:40 PM, Michael Ströder <michael at stroeder.com>
wrote:

> Adam Schappell wrote:
>
>> # Executing section authorize from file
>> /etc/raddb/sites-enabled/inner-tunnel
>>
>> +- entering group authorize {...}
>>
>> ++[chap] returns noop
>>
>> ++[mschap] returns noop
>>
>
> What mech do you want to use in the inner channel (within EAP-TTLS)?
>
> Since my OpenLDAP server only has hashed passwords I'm using PAP with
> Auth-Type LDAP inside EAP-TTLS. pap seems not to be configured in your
> inner-tunnel.
>
> Your mileage may vary.
>
>  [ldap] expand: (sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}}) ->
>> (sAMAccountName=CORP\5caschappell)
>>
>> [ldap] expand: dc=corp,dc=clearedgeit,dc=com ->
>> dc=corp,dc=clearedgeit,dc=com
>>
>>    [ldap] ldap_get_conn: Checking Id: 0
>>
>>    [ldap] ldap_get_conn: Got Id: 0
>>
>>    [ldap] performing search in dc=corp,dc=clearedgeit,dc=com, with filter
>> (sAMAccountName=CORP\5caschappell)
>>
> >
> >    [ldap] object not found
>
> Why the hell did you enter the user name with NETBIOS domain prefix?
>
> FreeRADIUS is *not* a typical Windows component using the
> Windows-CrackNames-API. So just enter "aschappell" (without the quotes) as
> user name.
>
> Sorry, you should try to read more of the numerous public how-tos
> describing how to attach FreeRADIUS to MS AD and analyze which mechs are
> used.
>
> (I'm also rather a FreeRADIUS beginner and I read many of those how-tos
> recently.)
>
> Ciao, Michael.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>


More information about the Freeradius-Users mailing list