Using FreeRadius on Ubuntu 12.04 FreeRadius is communicating with Windows 2008 R2 Active Directory server. I have MS-CHAP authentication working fine. This is used for VPN.
I am setting up LDAP authorization and CHAP authentication. This will be used for router login. The router has the radius configuration pointing to FreeRadius box. >From the logs, the LDAP authorization appears to bind correctly but is unable to retrieve a clear password for the user account and thus user cannot be authenticated with CHAP. [ldap] No default NMAS login sequence [ldap] looking for check items in directory... [ldap] looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? I believe above indicates that no data is received from LDAP query and no password is retrieved. I have attached relevant debug log output and config files. http://freeradius.1045715.n5.nabble.com/file/n5711532/freeradius_-_x.txt freeradius_-_x.txt output from running freeradius server in debug mode http://freeradius.1045715.n5.nabble.com/file/n5711532/router_connection_attempt.txt router_connection_attempt.txt output from connection attempt for router http://freeradius.1045715.n5.nabble.com/file/n5711532/default.txt default.txt /etc/freeradius/sites-available/default http://freeradius.1045715.n5.nabble.com/file/n5711532/inner-tunnel.txt inner-tunnel.txt /etc/freeradius/sites-available/inner-tunnel http://freeradius.1045715.n5.nabble.com/file/n5711532/ldap.txt ldap.txt /etc/freeradius/modules/ldap -- View this message in context: http://freeradius.1045715.n5.nabble.com/FreeRadius-unable-to-read-password-from-LDAP-query-to-win2008-AD-tp5711532.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html