Hello, I'm using freeradius 1.0.2 in PEAP-mschapv2, All is ok when I authenticate an user who is in the users file but when I want to authenticate a user who is in an active directory database, I have this error :
rad_recv: Access-Request packet from host 10.74.1.110:3072, id=0, length=211 User-Name = "mobil" NAS-IP-Address = 10.74.1.110 Called-Station-Id = "000f6610df4b" Calling-Station-Id = "000e35be0159" NAS-Identifier = "000f6610df4b" NAS-Port = 230 Framed-MTU = 1400 State = 0xe344a026b507ba325ecaf835d7dcbe63 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x02070050190017030100204ac713ab760161e2057ddf6ea635b3eefbe3241b15c89cd1a2777955084d1840170301002015279db846068b3791d9b6b9b187235ab7aef20e0d769d46770cfa3005c33eed Message-Authenticator = 0xf49104f1efe72794cbee86bf86af00df Processing the authorize section of radiusd.conf [...] rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. //The problem is here, if the user is in the users file, the following line is "Success" but here... rlm_eap_peap: Had sent TLV failure, rejecting. rlm_eap: Handler failed in EAP/peap rlm_eap: Failed in EAP select modcall[authenticate]: module "eap" returns invalid for request 50 modcall: group authenticate returns invalid for request 50 auth: Failed to validate the user. Delaying request 50 for 1 seconds Finished request 50 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Sending Access-Reject of id 0 to 10.74.1.110:3072 EAP-Message = 0x04070004 Message-Authenticator = 0x00000000000000000000000000000000 Cleaning up request 50 ID 0 with timestamp 4264dda6 Nothing to do. Sleeping until we see a request. So, if you have an idea about that, please tell me. Thank you, Sylvain Clerc. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html