PEAP and Active directory working

2005-01-16 Thread AJ Grinnell
Thank you all for the help on my issue. There was a problem with Samba not conencting correctly to my pdc. I can now authenticate over 802.1x to my AD using my username and password. The final question I have here deals with the ntdomain hack. Radiusd.conf says not to use it, Iand I can strip the r

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread AJ Grinnell
On Thu, 13 Jan 2005 15:40:21 -0700, Ron Wahler <[EMAIL PROTECTED]> wrote: > Where is a good place to read the details of how ntlm_auth integrates in > with AD ? > > Ron. > If you happen to find out, will you please let me know? I will pass the info to you if I find it first. - List info/subscr

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread AJ Grinnell
Does anyone have an example of radiusd.conf that will show the following. I know this can be done. Windows XP client --> 802.1x/PEAP --> Freeradius 1.0.1 --> Active Directory I have tried many different configs, yet I am still getting an error with the password. I just need an example, please. -

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread AJ Grinnell
On Thu, 13 Jan 2005 10:06:15 -0500, Alan DeKok <[EMAIL PROTECTED]> wrote: > AJ Grinnell <[EMAIL PROTECTED]> wrote: > > Ok, I have peap working with the users file and with mysql, and I have > > radius working with ldap also. But I can not get a user to > > aut

LDAP, PEAP, Active Directory issue

2005-01-13 Thread AJ Grinnell
Ok, I have peap working with the users file and with mysql, and I have radius working with ldap also. But I can not get a user to authenticate against ldap using peap. I have seen that you cant use eap and ldap, but peap and ldap should work from what I have read. Any hints? the debug that I am se

LDAP segmentation fault resolved

2005-01-11 Thread AJ Grinnell
After digging deeper, I found that if you remove all lidsasl.* libs, and recompile freeradius, I no longer recieve the fault! But no I am seeing rlm_ldap x failed protocol error and knowing next to nothing about ldap, I am lost. Is this something that I am screwing up? - List info/subsc

LDAP segmentation faults

2005-01-11 Thread AJ Grinnell
I have allready tried the previous suggestions that I could find on this list, but I still get a segmentation fault when freeradius tries to bind to my ldap server. I see where rlm_ldap and libldap are linked to different locations, and I have installed the src.rpm for fedore core 2 as someone had

Re: PEAP and LDAP

2005-01-10 Thread AJ Grinnell
That is the answer I was waiting to hear. Thank you very much for your quick response. On Mon, 10 Jan 2005 20:53:34 -0500, Alan DeKok <[EMAIL PROTECTED]> wrote: > AJ Grinnell <[EMAIL PROTECTED]> wrote: > > I am getting mixed messages hear. Is it possible to authenticat

PEAP and LDAP

2005-01-10 Thread AJ Grinnell
I am getting mixed messages hear. Is it possible to authenticate against an LDAP server using 801.1x PEAP? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: documentation for freeradius

2004-10-22 Thread AJ Grinnell
I read the O'Reilly RADIUS book. Good documentation on RADIUS in general, also all referances are to freeradius. On Fri, 22 Oct 2004 10:02:50 -0400 (EDT), Dustin Doris <[EMAIL PROTECTED]> wrote: > On Thu, 21 Oct 2004, John Simms wrote: > > > Hi, can anyone tell me where I can get good > > docume

Rejecting null realm

2004-10-08 Thread AJ Grinnell
I am still having trouble finding a way to reject users who do not use a realm. Googleing and man pages havent shown me anything yet. Any ideas? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Realm problems

2004-10-07 Thread AJ Grinnell
I am having a problem with realms that I am sure should be easy to make work, but I am still having some problems. First, I want to reject anyone who does not use a realm after their user name. The second part is that when I log in with [EMAIL PROTECTED], it is sending the full [EMAIL PROTECTED] to

Re: Ignoring Filter-ID

2004-09-15 Thread AJ Grinnell
On Wed, 15 Sep 2004 10:20:05 -0400, Alan DeKok <[EMAIL PROTECTED]> wrote: > AJ Grinnell <[EMAIL PROTECTED]> wrote: > > Dont want it, dont need it, but the > > customer cant turn it off. Can I just totally drop or strip the > > filter-id attribute? >

filter-id

2004-09-15 Thread AJ Grinnell
Could someone tell me where and how to use a filter that is called by the filter-id attribute? Just a simple hint or link would make my day. Thank you. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Ignoring Filter-ID

2004-09-14 Thread AJ Grinnell
I am proxying authentication for a company that uses the filter-id attribute. When the Cisco AS5350 sees the filter-id, it does not allow the user on the network. I am trying to find a way that I can just ignore the filter-id attribute. Dont want it, dont need it, but the customer cant turn it off.

ERROR: No Digest-Nonce: Cannot perform Digest authentication, Please help

2004-09-10 Thread AJ Grinnell
I have just set up version 1.0.0 of Freeradius and am using MySQL tables rather than the users file. I would like to get Digest authentication working so that SER can authenticate phone users against Radius. I have followed any and all info that I can find about setting this up, but I am getting an