Freeradius + AD authentication passing Domain+User
Alan DeKok
aland at deployingradius.com
Thu Jun 15 19:05:31 CEST 2017
> On Jun 15, 2017, at 12:22 PM, Alejandro Cabrera Obed <aco1967 at gmail.com> wrote:
>
> Dear, we have a Freeradius 2.2.5 server in order to authenticate WiFi users
> from cell phones and notebooks.
>
> In the case of cell phones, the users type the corresponding usernames and
> passwords and after that Freeradius passes it to the AD and everything
> works OK.
That's good.
> In the case of the notebooks, the Windows users are logged into our DC
> domain, then they type the username or username at domain or domain\username
> with the corresponding passwords but in theses cases they can't
> authenticate against the AD (there is a reject message in the Freradius
> log).
So... what is the reject message?
Please post the full debug output as suggested in the FAQ, "man" pages, wiki, and daily on this list.
> In case they are not logged into the domain, and they are local users
> in the notebooks, if they type just their usernames (without domain) they
> authenticate OK.
That's good.
> So how can I authenticate Windows users against the AD when they are logged
> into the domain??? Do I have to define a special directive in a config file
> from freeradius, winbind or samba?
It's not magic. But it DOES require that you read the debug output.
Alan DeKok.
More information about the Freeradius-Users
mailing list