Is there any documentation someone can point me to on doing machine
authentication with edirectory, or with an ldap backend?
Thanks
Mark
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Renaming-during-Machine-Authentication-tp4394421p4462448.html
Sent from the
mjonesmcne wrote:
Is there any documentation someone can point me to on doing machine
authentication with edirectory, or with an ldap backend?
Nope. The machine authentication passwords are normally controlled by
Active Directory.
Your role is to find out what password the machine is
I have enabled ldap in the inner-tunnel...here is the lastest debug log (part 1)
Mark
FreeRADIUS Version 2.1.10, for host i686-pc-linux-gnu, built on Mar 23 2011 at
11:28:44
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for
Mark Jones wrote:
Ok Im going to try following that guide Monday morning, just one
question before I get started...does it work with an edir backend and a
samba server acting as a PDC on an OES2 server?
Uh... no. The guide is for getting Active Directory to work. Active
Directory is not
mjonesmcne wrote:
Here is the rest of the debug
...
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
[mschapv2] +- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
Ok so where or how do I tell it?
Mark
Alan DeKok al...@deployingradius.com 6/3/2011 11:57 PM
mjonesmcne wrote:
Here is the rest of the debug
...
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
[mschapv2] +-
Mark Jones wrote:
Ok so where or how do I tell it?
http://deployingradius.com/
Follow the Active Directory guide.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok Im going to try following that guide Monday morning, just one question
before I get started...does it work with an edir backend and a samba server
acting as a PDC on an OES2 server?
Thanks for the advice Alan
Mark
Alan DeKok al...@deployingradius.com 6/4/2011 1:22 PM
Mark Jones wrote:
Here is my debug now I might have to break it up into 2 posts though because
of the size
FreeRADIUS Version 2.1.10, for host i686-pc-linux-gnu, built on Mar 23 2011
at 11:28:44
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for
Here is the rest of the debug
Waking up in 3.3 seconds.
rad_recv: Access-Request packet from host 10.152.0.100 port 32819, id=114,
length=198
User-Name = host/TEST-11501.hpsd48.ab.ca
NAS-IP-Address = 10.152.0.100
NAS-Port = 1
NAS-Identifier = 10.152.0.100
I tried to paste the full log in but it was rejected because of size, what
the best option to cut it into pieces and post a few times or is there
another way to do it?
Thanks
Mark
--
View this message in context:
Phil Mayers p.may...@imperial.ac.uk 5/21/2011 3:08 AM
On 05/20/2011 10:33 PM, Mark Jones wrote:
Here is the latest debug...Im not sure what to try next.
Latest debug... ok, what has changed?
I added the dns suffix to the computer name
rad_recv: Access-Request packet from host
Your email client is mangling the quoting, which makes it really hard to
read your replies. Please fix it!
So this is a full host/name.domain.com now - what did you change?
as per above i added the dns suffix to the computer (under name
change...more)
Just renaming the machine won't help.
On 05/24/2011 06:00 PM, Mark Jones wrote:
Here is the latest debug with termination on Aruba turned off:
FreeRADIUS Version 2.1.10, for host i686-pc-linux-gnu, built on Mar 23
Sending Access-Challenge of id 152 to 10.152.0.100 port 32819
EAP-Message =
On 05/20/2011 10:33 PM, Mark Jones wrote:
Here is the latest debug...Im not sure what to try next.
Latest debug... ok, what has changed?
rad_recv: Access-Request packet from host 10.152.0.100 port 32819,
id=186, length=216
NAS-IP-Address = 10.152.0.100
NAS-Port = 0
NAS-Port-Type =
User-Name = host/TECH-11501
Machines which are in the domain normally have this as:
host/name.domain.com
i.e. there is a domain.com at the end of the name.
The absence of that suggests to me that the machine is not a domain
member. Is that the case? If so, it cannot do machine auth.
This is on a samba domain Phil as per the cool solutions article I mentioned in
an earlier post. I am looking into my Aruba settings now for termination
Mark
Phil Mayers p.may...@imperial.ac.uk 5/19/2011 1:58 AM
User-Name = host/TECH-11501
Machines which are in the domain normally have
-users-bounces+ggatten=waddell@lists.freeradius.org
[mailto:freeradius-users-bounces+ggatten=waddell@lists.freeradius.org] On
Behalf Of Mark Jones
Sent: Thursday, May 19, 2011 12:15 PM
To: freeradius-users@lists.freeradius.org
Subject: Re: Renaming during Machine Authentication
On 05/16/2011 01:03 AM, Mark Jones wrote:
Hi Phil thanks for answering. I am trying to authenticate the
machines on bootup. I have an edir backend and am following this cool
solutions article which is fairly old:
http://www.novell.com/coolsolutions/feature/17044.html In it they
talk about
To: freeradius-users@lists.freeradius.org
Sent: 5/16/2011 3:01:35 AM
Subject: Re: Renaming during Machine Authentication
On 05/16/2011 01:03 AM, Mark Jones wrote:
Hi Phil thanks for answering. I am trying to authenticate the
machines on bootup. I have an edir backend and am following this cool
Hi Phil thanks for answering. I am trying to authenticate the machines on
bootup. I have an edir backend and am following this cool solutions article
which is fairly old: http://www.novell.com/coolsolutions/feature/17044.html
In it they talk about atrrib-rewrite but use it in the radiusd.conf
On 05/13/2011 11:21 PM, Mark Jones wrote:
That sounds good...where exactly do I put that in the config files?
Well, since you didn't explain why you wanted to rename it (for what
purpose) I can't say for sure.
Usually, a lot of what goes on in FreeRADIUS is done with string
expansions -
On 05/13/2011 11:03 PM, Mark Jones wrote:
Hi all i have freeradius 2.1.10 setup on a SLES server. When the
workstation boots it sends an mschapv2 request in the form
host/machinename. What is the best way to convert this to machinename$ ?
Sorry if this has been asked before Im stumped and cannot
That sounds good...where exactly do I put that in the config files?
Phil Mayers p.may...@imperial.ac.uk 5/13/2011 4:15 PM
On 05/13/2011 11:03 PM, Mark Jones wrote:
Hi all i have freeradius 2.1.10 setup on a SLES server. When the
workstation boots it sends an mschapv2 request in the form
24 matches
Mail list logo