On 06/19/2010 01:03 PM, Alan DeKok wrote:
John Dennis wrote:
On 06/18/2010 04:03 PM, Kyle Plimack wrote:
So how do I get pap to do it?
If you're asking how to you get pap to do mschap then that's a
nonsensical question.
Here is how things work:
http://wiki.freeradius.org/Concepts
Nice
Kyle Plimack wrote:
I’m getting the following error now
Any thoughts on correcting this winbind error?
See the winbind documentation?
You can try running ntlm_auth from the command line. If it doesn't
work there, no amount of poking FreeRADIUS will make it work.
You can also try seeing
John Dennis wrote:
On 06/18/2010 04:03 PM, Kyle Plimack wrote:
So how do I get pap to do it?
If you're asking how to you get pap to do mschap then that's a
nonsensical question.
Here is how things work:
http://wiki.freeradius.org/Concepts
Nice discussion, thanks.
Alan DeKok.
-
List
Kyle Plimack wrote:
I have pap working (i.e. I ran radtest and got an access-accept).
I don’t want to configure certs on each of my hosts for each of my
clients, so I’d like to use PEAP/msChapV2 so that dot1x clients are
prompted for and username/password.
According the the
On 06/18/2010 02:01 AM, Alan DeKok wrote:
Kyle Plimack wrote:
I have pap working (i.e. I ran radtest and got an access-accept).
I don’t want to configure certs on each of my hosts for each of my
clients, so I’d like to use PEAP/msChapV2 so that dot1x clients are
prompted for and
Doing an ldapsearch put me on the right track, I had created a user 'radiusd',
but that user did not have the rights to request the userPassword.
The error I am getting now is:
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap]
Kyle Plimack wrote:
I added an entry to ldap.attrmap, “checkItem Cleartext-Password
userPassword”
The Password is not cleartext, but I read somewhere that radius is
supposed to figure that out automatically from a header. This is what
is returned:
rlm_ldap: userPassword -
So how do I get pap to do it?
On 6/18/10 12:50 PM, Alan DeKok al...@deployingradius.com wrote:
Kyle Plimack wrote:
I added an entry to ldap.attrmap, checkItem Cleartext-Password
userPassword
The Password is not cleartext, but I read somewhere that radius is
supposed to figure that out
On 06/18/2010 02:11 PM, Kyle Plimack wrote:
Doing an ldapsearch put me on the right track, I had created a user
‘radiusd’, but that user did not have the rights to request the
userPassword.
The error I am getting now is:
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request
Kyle Plimack wrote:
So how do I get pap to do it?
To do what?
If you're asking why PAP works, go read the table. It's not hard.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
That has to go in the wiki somewhere. That's possibly the best explanation of
how FreeRADIUS processes requests I've ever heard... :)
-Arran
On Jun 18, 2010, at 1:50 PM, John Dennis wrote:
On 06/18/2010 04:03 PM, Kyle Plimack wrote:
So how do I get pap to do it?
If you're asking how to you
So I gave in and connected radius to my active directory (which we wish we
could get rid of).
I'm getting the following error now
Any thoughts on correcting this winbind error?
[mschapv2] +- entering group MS-CHAP {...}
[mschap] NT Domain delimeter found, should we have enabled
check this out
http://www.clearfoundation.com/docs/howtos/setting_up_freeradius2_to_use_ldap
Kyle Plimack wrote:
I’m trying to use ldap to authorize/authenticate my users into the
wireless network using 802.1x.
I just created a fresh installation of freeradius 2.1.7. We use Centos
Kyle Plimack wrote:
I’ve read a lot of threads and looked at the protocol / encryption
compatibility chart, but I’ve never seen someone say, “this is the
solution”.
1) get PAP working against LDAP
2) follow the EAP guide (deployingradius.com) to get EAP working
3) configure ldap in the
On 06/17/2010 11:57 AM, Kyle Plimack wrote:
I’m trying to use ldap to authorize/authenticate my users into the
wireless network using 802.1x.
I just created a fresh installation of freeradius 2.1.7. We use Centos
Directory Server (aka red had dir. Srv / fedora dir.srv), not openLdap.
You
I have pap working (i.e. I ran radtest and got an access-accept).
I don't want to configure certs on each of my hosts for each of my clients, so
I'd like to use PEAP/msChapV2 so that dot1x clients are prompted for and
username/password.
According the the deployingradius.com guide, once pap is
On Fri, Jun 18, 2010 at 7:44 AM, Kyle Plimack kplim...@videoegg.com wrote:
I have pap working (i.e. I ran radtest and got an access-accept).
I don’t want to configure certs on each of my hosts for each of my clients,
so I’d like to use PEAP/msChapV2 so that dot1x clients are prompted for and
17 matches
Mail list logo