So in this case what changes do I need to make in order for it to work. Sorry am bit lost right now.
Thanks and appreciate it. Sent from my iPhone On 29/11/2011, at 10:22 AM, "Fajar A. Nugraha" <l...@fajar.net> wrote: > On Tue, Nov 29, 2011 at 4:03 AM, Vikash Gounder > <vikash.goun...@acu.edu.au> wrote: >> Hi Fajar, >> >> Thanks so much for replying. >> >> The debug log for local test against AD is attached: >> >> Listening on authentication address * port 1812 >> Listening on accounting address * port 1813 >> Listening on command file /var/run/radiusd/radiusd.sock >> Listening on proxy address * port 1814 >> Ready to process requests. >> >> rad_recv: Access-Request packet from host 127.0.0.1 port 35067, id=16, >> length=61 >> User-Name = "uldaptest" > > See this line? >> User-Password = "usk.173n!" > >> [ldap] user DN: CN=Unilinc ldaptest,OU=System Accounts,OU=Generic >> Accounts,DC=acustaff,DC=acu,DC=edu,DC=au >> rlm_ldap: (re)connect to acustaff.acu.edu.au:3268, authentication 1 >> rlm_ldap: bind as CN=Unilinc ldaptest,OU=System Accounts,OU=Generic >> Accounts,DC=acustaff,DC=acu,DC=edu,DC=au/usk.173n! to >> acustaff.acu.edu.au:3268 >> rlm_ldap: waiting for bind result ... >> rlm_ldap: Bind was successful >> [ldap] user uldaptest authenticated succesfully > > This is ldap bind. It'll work if the user password is available as > plain text in the request (e.g. using PAP with radtest). It will not > work if the user password is not available in the request (e.g. > PEAP-MSCHAP-v2) > >> I got a question for you?? If only using for WPA, do I also need to >> configure samba and use nltm_auth, since this radius device will be used by >> ipad, netbooks etc etc etc.... > > Yes, since you set your AP to use WPA2/radius auth the clients will > usually use EAP-PEAP-MSCHAPv2, where user password is not available as > plain text in the request. > > -- > Fajar > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html