[Samba] Freeradius logon with machine account...

Thu Oct 1 12:46:36 UTC 2020

With Samba in NT mode, i was able to enable wireless access using
machine account, and worked decently.

Now i want to try again in AD mode, but i've not found info, and i've
just hit a trouble:

 Oct  1 14:31:55 vdmsv1 radiusd[13555]: rlm_ldap (ldap): Opening additional connection (25), 1 of 31 pending slots used
 Oct  1 14:31:55 vdmsv1 radiusd[13555]: (187)   Login incorrect: [host/RUFUS.ad.fvg.lnf.it] (from client unifi-sv port 0 cli B8-EE-65-B1-73-D3 via TLS tunnel)
 Oct  1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap:   The users session was previously rejected: returning reject (again.)
 Oct  1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap:   This means you need to read the PREVIOUS messages in the debug output
 Oct  1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap:   to find out the reason why the user was rejected
 Oct  1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap:   Look for "reject" or "fail".  Those earlier messages will tell you
 Oct  1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap:   what went wrong, and how to fix the problem
 Oct  1 14:31:55 vdmsv1 radiusd[13555]: (188) Login incorrect (eap: Failed continuing EAP PEAP (25) session.  EAP sub-module failed): [host/RUFUS.ad.fvg.lnf.it] (from client unifi-sv port 0 cli B8-EE-65-B1-73-D3)

Client try to auth with FQDN and not username (eg RUFUS$).

Someone have some hint? Thanks.

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)