No LDAP? Why? The Active Directory services are based on LDAP.
Sorry, I don't understand why... :-)

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Domingo Antonio
Sent: Thursday, August 17, 2006 9:58 PM
To: 'FreeRadius users mailing list'
Subject: RES: Active Directory Users

no ldap..
you need to use ntlm authentication
you need to configure your samba as ADS security mode, add samba to AD and start winbind service...

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mohammad Abohelal
Sent: Thursday, August 17, 2006 17:45
To: freeradius-users@lists.freeradius.org
Subject: Active Directory Users

Hi all

I need help with a simple configuration to authenticate Windows Active Directory users via FreeRADIUS.

I have a domain controller, a Cisco VPDN router, and a FreeRADIUS UNIX environment (FreeBSD).

Active Directory group: VPDN; user names have allow dial-in on the user option.

Radiusd.conf ldap configuration:

ldap {
    server = ad.xxx.yyy
    identity = CN=radiusd,OU=External_Object,DC=xxxl,DC=yyy
    password = radiusd111
    basedn = OU=VPDN_USERS,OU=External_Object,DC=xxx,DC=yyy
    filter = (uid=%{Stripped-User-Name:-%{User-Name}})
    base_filter = (objectclass=radiusprofile)
}

When I try to connect via L2TP dialer I get the error: (auth: Failed to validate the user)

modcall: leaving group authorize (returns ok) for request 0
rad_check_password: Found Auth-Type LDAP
auth: type LDAP
Processing the authenticate section of radiusd.conf
modcall: entering group LDAP for request 0
rlm_ldap: - authenticate
rlm_ldap: login attempt by vpdn1 with password
radius_xlat: '(uid=vpdn1)'
radius_xlat: 'OU=VPDN_USERS,OU=External_Object,DC=xxxl,DC=yyy'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to ad.xxx.yyy:389, authentication 0
rlm_ldap: bind as CN=radiusd,OU=External_Object,DC=xxx,DC=yyy/radiusd111 to ad.xxx.yyy:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in OU=VPDN_USERS,OU=External_Object,DC=xxx,DC=yyy, with filter (uid=vpdn1)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authenticate]: module ldap returns notfound for request 0
modcall: leaving group LDAP (returns notfound) for request 0
auth: Failed to validate the user.
Login incorrect (rlm_ldap: User not found): [vpdn1/ (from client wan-gw1 port 25)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
Thread 1 waiting to be assigned a request
rad_recv: Access-Request packet from host 194.90.143.73:1645, id=20, length=102
Sending Access-Reject of id 20 to 194.90.143.73 port 1645
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 20 with timestamp 44e4c472
Nothing to do. Sleeping until we see a request.

Thank you
Mohammad
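
Added example, not part of the original thread and not FreeRADIUS code: the debug output quoted above prints the service account's bind password in clear text on the "bind as" line. This Python sketch masks such passwords before a log is shared and extracts the bind DN, search base, filter and search result; the regular expressions and the function names `redact` and `summarize` are assumptions based only on the line layout shown in this thread.

```python
import re

# Sample lines copied from the debug output posted in this thread.
SAMPLE = """\
rlm_ldap: login attempt by vpdn1 with password
rlm_ldap: bind as CN=radiusd,OU=External_Object,DC=xxx,DC=yyy/radiusd111 to ad.xxx.yyy:389
rlm_ldap: Bind was successful
rlm_ldap: performing search in OU=VPDN_USERS,OU=External_Object,DC=xxx,DC=yyy, with filter (uid=vpdn1)
rlm_ldap: object not found or got ambiguous search result
"""

# "bind as <DN>/<password> to <host>:<port>". Everything after the FIRST "/"
# is treated as the password, so a password containing "/" is still fully masked
# (a DN containing "/" would be over-masked, which is the safe direction).
BIND = re.compile(r"^(?P<pre>rlm_ldap:\s+bind as (?P<dn>[^/]+))/(?P<pw>.*)(?P<post> to \S+)$")
LOGIN = re.compile(r"^(?P<pre>rlm_ldap:\s+login attempt by \S+ with password)\s*(?P<pw>.*)$")
SEARCH = re.compile(r"^rlm_ldap:\s+performing search in (?P<base>.+), with filter (?P<flt>.+)$")

def redact(text, mask="<redacted>"):
    """Return the log with bind and login passwords replaced by a mask."""
    out = []
    for line in text.splitlines():
        m = BIND.match(line)
        if m:
            line = f"{m['pre']}/{mask}{m['post']}"
        else:
            m = LOGIN.match(line)
            if m and m["pw"]:  # an empty password field is left as it is
                line = f"{m['pre']} {mask}"
        out.append(line)
    return "\n".join(out)

def summarize(text):
    """Collect what the LDAP module bound as, searched for, and got back."""
    info = {"bind_dn": None, "bind_ok": False, "base": None, "filter": None, "found": None}
    for line in text.splitlines():
        if (m := BIND.match(line)):
            info["bind_dn"] = m["dn"]
        elif "Bind was successful" in line:
            info["bind_ok"] = True
        elif (m := SEARCH.match(line)):
            info["base"], info["filter"] = m["base"], m["flt"]
        elif "object not found or got ambiguous search result" in line:
            info["found"] = False  # the search ran but matched no single entry
    return info

if __name__ == "__main__":
    print(redact(SAMPLE))
    print(summarize(SAMPLE))
```

On the sample, the summary shows a successful bind followed by a search that returned nothing, which places the failure at the search base or filter rather than at the service account credentials.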