[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Wi-Fi Authentication on Active Directory
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2013-10-25 13:21:45
Message-ID: 526A7069.7080400 () deployingradius ! com
[Download RAW message or body]

Bruno de Paula Larini wrote:
> I'm trying to use FreeRADIUS 2.2.0 on Fedora 19 to authenticate Wi-Fi
> clients (Windows 7) against a MS Active Directory domain (Windows Server
> 2008 R2). The access point is a MikroTik RouterOS v5.11. I've already
> joined the FreeRADIUS machine into my AD domain and both 'wbinfo -a' and
> 'ntlm_auth' can successfully authenticate domain users. Then, I've
> followed the instructions on the Wiki for FreeRADIUS 2.x and set up the
> server accordingly.

  That all seems fine.

> However, 'radiusd -X' tells that the Windows clients
> didn't reply the request and there's a url to the Wiki, explaining why
> it couldn't finish. The root and the client (self-signed) certificates
> are already installed on a test client, and I think I've created them
> following the recommended way (as told in README file on raddb/certs).
> I've checked the comments on raddb/eap.conf, but I'm not sure what to do
> next.


> Is there some way to make the Windows clients trust the request?

  http://deployingradius.com/

  Read the 4-step HOWTO on the bottom of the page.  It details a
step-by-step process to getting EAP to work on Windows machines.  It
WILL work.

  If the Windows box just stops the EAP session... the content on the
Wiki page describes what to do.  There really isn't anything else which
can fix the problem.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]