[Samba] Freeradius logon with machine account...
Marco Gaiarin
gaio at sv.lnf.it
Thu Oct 1 12:46:36 UTC 2020
With Samba in NT mode, i was able to enable wireless access using
machine account, and worked decently.
Now i want to try again in AD mode, but i've not found info, and i've
just hit a trouble:
Oct 1 14:31:55 vdmsv1 radiusd[13555]: rlm_ldap (ldap): Opening additional connection (25), 1 of 31 pending slots used
Oct 1 14:31:55 vdmsv1 radiusd[13555]: (187) Login incorrect: [host/RUFUS.ad.fvg.lnf.it] (from client unifi-sv port 0 cli B8-EE-65-B1-73-D3 via TLS tunnel)
Oct 1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap: The users session was previously rejected: returning reject (again.)
Oct 1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap: This means you need to read the PREVIOUS messages in the debug output
Oct 1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap: to find out the reason why the user was rejected
Oct 1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap: Look for "reject" or "fail". Those earlier messages will tell you
Oct 1 14:31:55 vdmsv1 radiusd[13555]: (188) eap_peap: what went wrong, and how to fix the problem
Oct 1 14:31:55 vdmsv1 radiusd[13555]: (188) Login incorrect (eap: Failed continuing EAP PEAP (25) session. EAP sub-module failed): [host/RUFUS.ad.fvg.lnf.it] (from client unifi-sv port 0 cli B8-EE-65-B1-73-D3)
Client try to auth with FQDN and not username (eg RUFUS$).
Someone have some hint? Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list