Freeradius 3.x with LDAP authentication

Alan DeKok aland at deployingradius.com
Tue Aug 15 18:41:12 CEST 2017


On Aug 15, 2017, at 5:58 PM, Adam Cage <adamcage27 at gmail.com> wrote:
> 
> Dear all, finally I have followed as you said: Authentication with samba,
> winbind, ntlm_auth and Authorization with LDAP, but I fails. I post my main
> config LDAP files and the debug output in order to get your help please:

  Please don't post configuration files.  We ask for the debug output for a reason: it's all we need.

> */etc/freeradius/users:*
> 
> DEFAULT Ldap-Group == "cn=group1,ou=wifi,dc=company,dc=com"
>        Service-Type = Login-User
> 
> DEFAULT Auth-Type := Reject

  You're not telling the server how to authenticate the user.

> $ radtest adam 1234abcd 127.0.0.1 0 testing123

  Which is just a PAP request...

> And I fail, this is the debug output:
...
> Tue Aug 15 12:38:27 2017 : Debug: WARNING: No "known good" password was
> found in LDAP.  Are you sure that the user is configured correctly?

  That's just Active Directory not supplying the password...

> Tue Aug 15 12:38:27 2017 : Info: *ERROR: No authenticate method (Auth-Type)
> found for the request: Rejecting the user*
> Tue Aug 15 12:38:27 2017 : Info: Failed to authenticate the user.

  And you haven't told the server how to authenticate the user.

  Follow the guide on deployingradius.com.   It *will* work.

  Alan DeKok.




More information about the Freeradius-Users mailing list