David N'DAKPAZE wrote:
hello,
I am configuring freeradius for authentication with active
directory.I've used
http://deployingradius.com/documents/configuration/active_directory
but freeradius reject all the requests because of no known
password.It what i have when i make a request:
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 51084,
id=198, length=61
User-Name = "azerty"
User-Password = "uiop"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[suffix] No '@' <mailto:%...@%27> in User-Name = "azerty", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
Failed to authenticate the user.
Login incorrect: [azerty/uiop] (from client localhost port 0)
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> azerty
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 198 to 127.0.0.1 port 51084
Waking up in 4.9 seconds.
Cleaning up request 0 ID 198 with timestamp +27
Thanks for your help
------------------------------------------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
As far as i know, u should use mschap to authenticate against AD ;)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
