Not setting Auth-Type
Roberto Rios
rrios at chattanooga.gov
Thu Aug 25 19:29:45 CEST 2016
the fact that binding AD with credentials give in ldap conf is succesful,
does that not mean that radius and AD are already seeing each other.
this is my ldap conf:
# for the behavioral semantics of specifying more than one host.
server = "10.0.43.1"
# Port to connect on, defaults to 389. Setting this to 636 will
enable
# LDAPS if start_tls (see below) is not able to be used.
port = 389
# Administrator account for searching and possibly modifying.
identity = "cn=ldapradius1,ou=Admins,dc=xxxx,dc=xxx"
password = xxxxx
# Unless overridden in another section, the dn from which all
# searches will start from.
base_dn = "dc=xxxx,dc=xxx"
everything else is set as default
Thank you
On Thu, Aug 25, 2016 at 11:07 AM, Alan DeKok <aland at deployingradius.com>
wrote:
> On Aug 25, 2016, at 10:07 AM, Roberto Rios <rrios at chattanooga.gov> wrote:
>
> Please *read* the debug log. All of it.
>
> ...
> > rlm_ldap (ldap): Waiting for bind result...
> > rlm_ldap (ldap): Bind successful
> > rlm_ldap (ldap): Bind successful
> > rlm_ldap (ldap): Bind successful
> > (0) ldap : Search returned no results
>
> That should be easy enough to understand.
>
> > Right now I am trying to have a working instance of radius with ldap
> auth,
> > but , yes I will be using PEAP for wireless authentication.
>
> Ensure that the user is in LDAP. Ensure that the LDAP module
> configuration in FreeRADIUS is correct.
>
> The server prints out the LDAP search strings it's using for a reason.
> Please *read them*, and see if they make sense to you.
>
> If you're using Active Directory, use ntlm_auth to authenticate users.
> See http://deployingradius.com/documents/configuration/
> active_directory.html
>
> Alan DeKok.
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
More information about the Freeradius-Users
mailing list