Hello, On Tue, Feb 03, 2004 at 02:00:25PM -0500, kartzman wrote: > i'm having trouble getting freeradius server to talk to my WinXP client. I > followed the instructions in the HOWTO but it doesn't work. here's the > entry in the users file: > > "DOM\\Ewu" Auth-Type := EAP , User-Password == "password"
I have exactly the same problem. Previously I solved it by using with_ntdomain_hack, which no longer works with the current EAP-code. I think the peap-module needs to use the username without the domain for authentication. Trying to define a (local) Realm for my domain works a bit, but the PEAP- Module still uses the User-Name Attribute and not the Stripped-User-Name, so authentication fails there again. (With the same errors you have) I need to authenticate the user michael against the stored PW and not the user MARVIN\michael which seems to happen. Stripped-User-Name in this case is just "michael". I have not found any way to tell the peap-module to use the Stripped- Username (maybe i am just to dumb). Trying to use hints gets me the same error I posted previously with my try with_ntdomain_hack (rlm_eap: Identity does not match User-Name, setting from EAP Identity.). I currently have no idea how to really strip off the domain from the username to make authentication work with unaltered current cvs freeradius-sources. (See my mail from january how it is currently working here with_ntdomain_hack and a small patch against eap.c) (I currently can't provide logs, because I don't have access to the system at this time, but will be able to provide my failure-logs on the next weekend) Regards, Michael - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
