[RADIATOR] Trying to use Radiator With Active Directory (PEAP)

Thu Jan 7 19:22:56 CST 2010

Hello Nuno, Hello Jhonny -

The latest version is Radiator 4.5.1 - you might consider upgrading as there have been quite a few additions and new features.

regards

Hugh

On 8 Jan 2010, at 01:29, <joliveira at reitoria.ul.pt> <joliveira at reitoria.ul.pt> wrote:

> Hi,
>  
> I believe you are using TTLS with PAP and radiator/LDAP, right?
> We have a similar setup, we use AUTHBY NTLM (winbind) do accomplish this, and it works. There are a few configuration details you might be interested as well. You can either email/instant message me or come around (it’s less than 1KM away)! J
>  
> Cumprimentos,
> ____________________________________________________________________
> Jhonny Freire Oliveira    Núcleo de Informática e Comunicações da UL
> joliveira at reitoria.ul.pt  Reitoria da UL,  Alameda  da  Universidade
> Tel: +351 210170194       Campo Grande – 1649-004 Lisboa,   Portugal
>  
> From: radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] On Behalf Of Nuno Gonçalves
> Sent: quinta-feira, 7 de Janeiro de 2010 11:51
> To: radiator at open.com.au
> Subject: [RADIATOR] Trying to use Radiator With Active Directory (PEAP)
>  
> Hi all,
> 
> I'm using a radiator version 3.15 authenticating users through 802.1x with TTLS against a Microsoft Active Directory successfully.
> I'm trying to configure the same radiator to authenticate users through 802.1x with PEAP with certificate against the same Microsoft Active Directory.
> The problem I am facing is radiator can't authenticate users because the password is encrypted in MS AD.
> Did anyone accomplished a similar setup ?
> 
> The problem seems that laptop clients already encrypt the user password and when it arrives at radiator it  makes another hash  which makes  the authentication unsuccessfully because it arrives to AD double encryped (by the client and by radiator).
> Thanks for your help
> 
>  
> -- 
> 
> _______________________________________
> Nuno Gonçalves
>  
> FCCN
> Av. do Brasil, n.º 101 - Lisboa
> Tel.: +351218440100 - Fax: +351218472167
>  
> http://www.fccn.pt
> Aviso de Confidencialidade/Disclaimer
> 
> Esta mensagem é exclusivamente destinada ao seu destinatário, podendo conter informação CONFIDENCIAL, cuja divulgação está expressamente vedada nos termos da lei. Caso tenha recepcionado indevidamente esta mensagem, solicitamos-lhe que nos comunique esse mesmo facto por esta via ou para o telefone +351 218440100 devendo apagar o seu conteúdo de imediato. This message is intended exclusively for its addressee. It may contain CONFIDENTIAL information protected by law. If this message has been received by error, please notify us via e-mail or by telephone +351 218440100 and delete it immediately.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator

NB: 

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.