Re: Freeradius and Windows 2003 Active Directory Authentication (2)
It sounded to me like you were saying I will never get radius to authenticate vs my ldap directory. Anyway I fixed the problem and now authenticate. I needed to change that users file to use LDAP as the DEFAULT Auth-Type and it now authenticates. I now have to figure out a L2TPNS problem I am having (kills my network on startup) and get that to handle auth requests which it passes to ldap via radius. On 7/27/05, Alan DeKok <[EMAIL PROTECTED]> wrote: > Tim P <[EMAIL PROTECTED]> wrote: > > I am trying to get a l2tpns server to authenticate to freeradius that > > takes it's userbase from windows 2003 active directory. Are you > > saying then that there is no way for me to use ldap as my user store? > > What part of my response was unclear? > > Alan DeKok. > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius and Windows 2003 Active Directory Authentication (2)
Tim P <[EMAIL PROTECTED]> wrote: > I am trying to get a l2tpns server to authenticate to freeradius that > takes it's userbase from windows 2003 active directory. Are you > saying then that there is no way for me to use ldap as my user store? What part of my response was unclear? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius and Windows 2003 Active Directory Authentication (2)
I am trying to get a l2tpns server to authenticate to freeradius that takes it's userbase from windows 2003 active directory. Are you saying then that there is no way for me to use ldap as my user store? On 7/26/05, Alan DeKok <[EMAIL PROTECTED]> wrote: > Tim P <[EMAIL PROTECTED]> wrote: > > I am having trouble getting my radius setup to authenticate to windows > > 2003 active directory. > > That will work only for PAP, if that's all you need. > > > radiusd.conf - I didn't find a system or System auth type, did I > > miss something? > > See the "users" file: > > > users: Matched entry DEFAULT at line 152 > > Alan DeKok. > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius and Windows 2003 Active Directory Authentication (2)
Tim P <[EMAIL PROTECTED]> wrote: > I am having trouble getting my radius setup to authenticate to windows > 2003 active directory. That will work only for PAP, if that's all you need. > radiusd.conf - I didn't find a system or System auth type, did I > miss something? See the "users" file: > users: Matched entry DEFAULT at line 152 Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius and Windows 2003 Active Directory Authentication (2)
Previous post sent before I was done, here is the full post: I am having trouble getting my radius setup to authenticate to windows 2003 active directory. when using the following string "radtest administrator "password" localhost 2 radiussecret rad_recv: Access-Request packet from host 127.0.0.1:32775, id=240, length=65 User-Name = "administrator" User-Password = "password" NAS-IP-Address = 255.255.255.255 NAS-Port = 2 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "administrator", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 152 modcall[authorize]: module "files" returns ok for request 0 rlm_ldap: - authorize rlm_ldap: performing user authorization for administrator radius_xlat: '(sAMAccountName=administrator)' radius_xlat: 'dc=company,dc=org' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to gtds-domcon.gtdsolutions.org:389, authentication 0 rlm_ldap: bind as cn=administrator,cn=Users,dc=company,dc=org/password to domcon.company.org:389 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: performing search in dc=company,dc=org, with filter (sAMAccountName=administrator) rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user administrator authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module "unix" returns notfound for request 0 modcall: group authenticate returns notfound for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 radiusd.conf - I didn't find a system or System auth type, did I miss something? ldap { server = "domcon.company.org" basedn = "dc=company,dc=org" filter = "(sAMAccountName=%u)" password_attribute = "userPassword" identity = "cn=administrator,cn=Users,dc=company,dc=org" password = password ldap# this is enabled Auth-Type LDAP { ldap } - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius and Windows 2003 Active Directory Authentication
I am having trouble getting my radius setup to authenticate to windows 2003 active directory. when using the following string " radiusd.conf ldap { server = "gtds-domcon.gtdsolutions.org" basedn = "dc=gtdsolutions,dc=org" filter = "(sAMAccountName=%u)" password_attribute = "userPassword" identity = "cn=administrator,cn=Users,dc=gtdsolutions,dc=org" password = pantera ldap - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html