Re: FR + AD + Vlans + LDAP help

2007-04-17 Thread Jacob Jarick
radiusd -X -A output: http://pastebin.ca/444201 radiusd.conf: http://pastebin.ca/444205 After re-reading http://wiki.freeradius.org/index.php/Rlm_ldap I enabled ldap debug and re-arranged the ldap config like so: before: identity = cn=freeradius,ou=admins,ou=radius,dc=tfxschool,dc=internal passwor

Re: FR + AD + Vlans + LDAP help

2007-04-17 Thread Jacob Jarick
radiusd -X -A output: http://pastebin.ca/444162 radiusd.conf: http://pastebin.ca/444163 I just figured out that ou != groups. So my current freeradius user is \admins\radius\freeradius admins being an organisational unit, radius being an ou inside admins. I get this error when freeradius tries to

Re: FR + AD + Vlans + LDAP help

2007-04-16 Thread Jacob Jarick
radiusd -X -A output: http://pastebin.ca/444131 radius.conf: http://pastebin.ca/444132 OK I've sorted that pesky ntlm_auth error, but I have encountered a new 1 (at least it's something new :D ). The specific part of the error is below. rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_c

Re: FR + AD + Vlans + LDAP help

2007-04-16 Thread Jacob Jarick
Thanks again Alan. ntlm_auth error fixed, just working on the next 1 now :) On 4/17/07, Alan DeKok <[EMAIL PROTECTED]> wrote: > Jacob Jarick wrote: > > I'm currently trying to configure freeradius to authenticate via a > > win2k3 server, check the users group and then return a confirmation/ > > de

Re: FR + AD + Vlans + LDAP help

2007-04-16 Thread Alan DeKok
Jacob Jarick wrote: > I'm currently trying to configure freeradius to authenticate via a > win2k3 server, check the users group and then return a confirmation/ > denial + vlan id for the cisco WAP to process. > > Questions: > > 1: Is ldap the only way of retrieving the users group/s If the user

Re: Fwd: FR + AD + Vlans + LDAP help

2007-04-16 Thread Alan DeKok
Jacob Jarick wrote: > I'm not sure what is happening atm, the wireless client tries to > authenticate but fails. > > radiusd -X -A output: http://pastebin.ca/444005 The debug output shows an error message from ntlm_auth. Fix that. > Now I am still assuming radius can auth against ADS using ldap

Fwd: FR + AD + Vlans + LDAP help

2007-04-16 Thread Jacob Jarick
Jarick <[EMAIL PROTECTED]> Date: Apr 17, 2007 11:11 AM Subject: FR + AD + Vlans + LDAP help To: FreeRadius users mailing list Hello, I'm currently trying to configure freeradius to authenticate via a win2k3 server, check the users group and then return a confirmation/ denial + vlan id f

FR + AD + Vlans + LDAP help

2007-04-16 Thread Jacob Jarick
Hello, I'm currently trying to configure freeradius to authenticate via a win2k3 server, check the users group and then return a confirmation/ denial + vlan id for the cisco WAP to process. Questions: 1: Is ldap the only way of retrieving the users group/s 2 - Can I talk directly to the ADS usin