"Dickson, John" <[EMAIL PROTECTED]> wrote: > rlm_ldap: looking for check items in directory... > rlm_ldap: looking for reply items in directory...
The user's clear-text password wasn't obtained from the LDAP server. This is to be expected in AD, as it doesn't supply them, ... > rad_check_password: Found Auth-Type System > auth: type "System" > Processing the authenticate section of radiusd.conf > modcall: entering group authenticate for request 0 > modcall[authenticate]: module "unix" returns notfound for request 0 > modcall: group authenticate returns notfound for request 0 This message should be clear: the user isn't found in /etc/passwd. > My question is, how do I get an "Accept" from the request and is there a > way around the basedn naming conventions that will alllow FreeRadius to > work with Windowz? The issue here isn't with basedn naming conventions. It's that you haven't set up FreeRADIUS to ask AD about authenticating the user. If the users log in with clear-text passwords, my suggestion is to set up rlm_smb, and point it to the domain controller. That will let FreeRADIUs use AD for authentication. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
