Should I post the debug log here, or a pastebin, or...? --J
> -----Original Message----- > From: > [email protected] > .org > [mailto:[email protected] > eeradius.org] On Behalf Of Alan DeKok > Sent: Sunday, February 27, 2011 1:51 PM > To: FreeRadius users mailing list > Subject: Re: New User and AD Question > > McNutt, Justin M. wrote: > > New member to the list, here. I have a question about AD > computer-based > > authentication. Basically, how is it accomplished? > > http://deployingradius.com/documents/configuration/active_dire > ctory.html > > It's pretty much the same as normal user authentication. PEAP goes > in, authentication goes out, never a miscommunication. :) > > > The EAP functions for clients using EAP-TTLS and EAP-PEAP > work just fine > > for all users in all domains (authenticated via ntlm_auth) > EXCEPT for > > the "host\\computer.domain.name" users (the computer accounts). I'd > > like to make this work, partly because a large number of the failed > > login attempts in my logs are from hosts that are valid > domain members. > > So... what goes wrong? > > > Sooo... help? What's the basic idea behind making this work? > > Post the debug log from a failed session. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
