Users in SQL not accepted, AD works.

it at it at
Tue Jan 9 09:19:36 UTC 2024

Hi Alan,

thank you for your reply.

>  We don't need to see configuration files. It doesn't help.
Alright, I'll keep that in mind.

>  If you leave the server in debug output for long enough (~30s) and send it more packets, it will print out a link to the Wiki which tells you exactly what's going wrong.
Well, yes. That's my fault as I patched the changes into a production system (we do not yet have a testing environment) and if I let the server run for 30 more seconds, more clients will connect and flood the output.

Regarding the certificates: normal logins, i.e. those that use ntlm_auth, are possible - even with the same client, so I assumed them to be fine. I guess sql-based logins required EAP-TLS then? My intention was to use the system's Let's Encrypt-certificates which are used within the tls-eap-peap configuration and only use tls-eap-tls for certificate based logins at some point, and didn't assume that changing the source of the passwords to sql would change anything there.


More information about the Freeradius-Users mailing list