Júlíus Þór Bess Ríkharðsson wrote: > I'm not sure why you say that my LDAP is not working because in the > second debug output you can see that I find the object and use it's DN > and also extract an attribute from the object. There is no known good > password however because AD doesn't store clear-text passwords.
Then you're not really using an LDAP server. See my web page for instructions on getting FreeRADIUS to work with AD: http://deployingradius.com/documents/configuration/active_directory.html > I made this setup so that I could keep things separated. I wanted > everything for that domain to be handled in it's own virtual-server. I > thought that was your idea? Am I misunderstanding virtual-servers? No. But you're PROXYING the tunneled request. Why? The "inner-tunnel" virtual server already handles the tunneled request. > So... is the conclusion that; this is the behaviour of User-Name when > proxied? Follow the instructions in my previous message. DON'T proxy the inner tunnel data. It's that easy. You're ignoring my instructions. You're asking irrelevant questions. You can try to figure out *why* it's going wrong. Or, you can follow instructions and have it work. Which one do you prefer? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html