(RADIATOR) Radiator and Windows 2003

Hugh Irvine hugh at open.com.au
Wed Mar 9 09:51:25 CST 2005


Hello Andre -

There is an example showing how to do this in "goodies/ad-ldap.cfg".

regards

Hugh


On 9 Mar 2005, at 12:00, Mike McCauley wrote:

> Hello Andrea,
>
> Im not sure how to make OpenDSObject follow referrals.
> But if you are trying to query a remote AD, you might be better off 
> using
> AuthBy LDAP to query the AD server directly using LDAP.
>
> Cheers.
>
> On Wednesday 09 March 2005 05:48, Andre Correa wrote:
>> Hi again list, with some help from Hugh Irvine I could get my username
>> and password again and upgraded Radiator to 3.11 with its hotfix.
>>
>> Unfortunately my problem is still here, I need to authenticate to a
>> remote Windows 2003, so I think LSA is not an option here. I tried 
>> once
>> again ADSI in the following configuration but I still get errors in 
>> the
>> logs.
>>
>> <Realm mrealm>
>>          <AuthBy ADSI>
>>            BindString
>> LDAP://myADServer/cn=%0,ou=users,dc=mydomain,dc=com,dc=br
>>            AuthUser cn=%0,ou=users,dc=mydomain,dc=com,dc=br
>>            Identifier ADSI
>>            AuthFlags 1
>>            DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
>>          </AuthBy>
>> </Realm>
>>
>> and here goes the errors:
>>
>>
>>   Wed Mar  2 00:14:50 2005: DEBUG: Handling request with Handler
>>   'Realm=myrealm'
>>   Wed Mar  2 00:14:50 2005: DEBUG: Handling with ASDI
>>   Wed Mar  2 00:14:50 2005: DEBUG: BindString converted to
>>   LDAP://myADServer/cn=teste@myrealm,ou=users,dc=mydomain,dc=com,dc=br
>>   Wed Mar  2 00:14:50 2005: DEBUG: AuthUser converted to
>>   cn=teste at myrealm,ou=users,dc=mydomain,dc=com,dc=br
>>   Wed Mar  2 00:14:50 2005: DEBUG: Could not get user object:
>>   Win32::OLE(0.1403) error 0x8007202b: "A referral was returned from 
>> the
>>   server"
>>       in METHOD/PROPERTYGET "OpenDSObject"
>>   Wed Mar  2 00:14:50 2005: INFO: Access rejected for teste at myrealm: 
>> Could
>>   not find user
>>
>> Looking Windows 2003 event log it seens that the user is being
>> successfully authenticated but its response is not recongnized by
>> Radiator. I upgraded Win32::OLE module to the lastest version with no 
>> luck.
>>
>> Does anybody was able to make Radiator talk to a remote Windows 2003?
>>
>> Any help is appreciated.
>>
>> tks
>>
>> Andre
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>
> -- 
> Mike McCauley                               mikem at open.com.au
> Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
> 9 Bulbul Place Currumbin Waters QLD 4223 Australia   
> http://www.open.com.au
> Phone +61 7 5598-7474                       Fax   +61 7 5598-7070
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP etc on Unix, Windows, MacOS etc.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: I am travelling this week, so there may be delays in our 
correspondence.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list