I went through the setup as recommended by Louis. I was able to get the
machine on the domain. When I run the ntlm_auth command, I encounter the
following error message:

[root@pf-zen-esx ~]# ntlm_auth --username *****
password:
NT_STATUS_CANT_ACCESS_DOMAIN_INFO: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
(0xc00000da)

I haven't tried the radtest command yet, as I figured I should get this one
sorted out first.




On Mon, Jun 2, 2014 at 10:25 AM, Carla Nurse <[email protected]> wrote:

> I am trying to set up the RADIUS server using Active Directory and got to
> the radtest test. The LDAP connect, bind and search are successful, but the
> radtest is failing. I keep getting the error message:
>
> [root@pf-zen-esx ~]# radtest dd9999 Abcd1234 localhost:18120 12 testing123
> radclient:: Failed to find IP address for pf-zen-esx
> radclient: Nothing to send.
>
> So far, I have:
> 1. Checked to make sure that the SQL password is working using the command
> *mysql -u pf -p* and checked the sql.conf file, which is included below.
>
>
> [root@pf-zen-esx ~]# mysql -u pf -p
> Enter password:
> Welcome to the MySQL monitor.  Commands end with ; or \g.
>
>
> sql {
> database = "mysql"
> driver = "rlm_sql_${database}"
>
> server = "%%db_host%%"
> port = %%db_port%%
> login = "%%db_username%%"
>  password = "%%db_password%%"
>
> radius_db = "%%db_database%%"
>
>  acct_table1 = "radacct"
> acct_table2 = "radacct"
> postauth_table = "radpostauth"
>  authcheck_table = "radcheck"
> authreply_table = "radreply"
> groupcheck_table = "radgroupcheck"
>  groupreply_table = "radgroupreply"
> usergroup_table = "radusergroup"
>
>  deletestalesessions = yes
> sqltrace = no
> sqltracefile = ${logdir}/sqltrace.sql
>  num_sql_socks = 5
> connect_failure_retry_delay = 60
> lifetime = 0
>  max_queries = 0
>
> readclients = yes
> nas_table = "radius_nas"
>
> $INCLUDE sql/${database}/packetfence.conf
> }
>
>
> 2. Created the symbolic links with *ln -s ../sites-available/packetfence* and
> *ln -s ../sites-available/packetfence-tunnel*
>
> 3. Based on another thread on this page, I checked my radiusd.conf
> file to see whether the $INCLUDE sql.conf line was present. It was there. I have
> attached the radiusd.conf file.
>
> prefix = /usr
> exec_prefix = /usr
> sysconfdir = /etc
> localstatedir = %%install_dir%%/var
> sbindir = /usr/sbin
> logdir = %%install_dir%%/logs
> raddbdir = %%install_dir%%/var/radiusd
> radacctdir = %%install_dir%%/logs/radacct
>
> name = radiusd
>
> confdir = ${raddbdir}
> run_dir = ${localstatedir}/run
>
> db_dir = ${raddbdir}
>
> libdir = /usr/lib%%arch%%/freeradius
> pidfile = ${run_dir}/${name}.pid
>
> rpc_user   = %%rpc_user%%
> rpc_pass   = %%rpc_pass%%
> rpc_port   = 9090
> rpc_server = 127.0.0.1
> rpc_proto  = http
>
>
> user = pf
> group = pf
>
> max_request_time = 30
> cleanup_delay = 5
> max_requests = 20000
>
> listen {
>         type = auth
>         ipaddr = %%management_ip%%
>         port = 0
>  virtual_server = packetfence
> }
>
> listen {
>         ipaddr = %%management_ip%%
>         port = 0
>         type = acct
> virtual_server = packetfence
> }
>
> hostname_lookups = no
> allow_core_dumps = no
>
> regular_expressions     = yes
> extended_expressions    = yes
>
> log {
>         destination = files
>         file = ${logdir}/radius.log
>         syslog_facility = daemon
>         stripped_names = no
>         auth = yes
>         auth_badpass = no
>         auth_goodpass = no
> }
>
> checkrad = ${sbindir}/checkrad
>
> security {
>         max_attributes = 200
>         reject_delay = 1
>         status_server = yes
>         # On CentOS, even if the openssl lib has been patched, freeradius
>         # refuses to start, hence the override below. Make sure you update openssl.
>         allow_vulnerable_openssl = yes
> }
>
> proxy_requests  = yes
> $INCLUDE proxy.conf
> $INCLUDE clients.conf
>
> thread pool {
>         start_servers = 5
>         max_servers = 32
>         min_spare_servers = 3
>         max_spare_servers = 10
>         max_requests_per_server = 0
> }
>
> modules {
>         $INCLUDE ${confdir}/modules/
>         $INCLUDE eap.conf
>         $INCLUDE sql.conf
> }
>
> instantiate {
>         exec
>         expr
>         expiration
>         logintime
>         raw
> }
>
> $INCLUDE policy.conf
> $INCLUDE sites-enabled/
>
>
> Is there anything else that can be done?
>
> Thank you,
> Carla
>
>