任何人都知道一个工具来testing对Windows Radius服务器的身份validation?
我已经尝试radtest:
radtest -d /usr/share/freeradius/ kbrandt 'betYouCantGuess' theServer 10 secretIGaveforMyIP 0 192.168.254.82 但是我得到:
Sending Access-Request of id 120 to 192.168.254.253 port 1812 User-Name = "kbrandt" User-Password = "betYouCantGuess" NAS-IP-Address = 192.168.254.82 NAS-Port = 10 Framed-Protocol = PPP rad_recv: Access-Reject packet from host 192.168.254.253 port 1812, id=120, length=20
在日志中的服务器上有:
192.168.254.82,kbrandt,11/06/2009,10:38:28,IAS,THESERVER,4,192.168.254.82,5,10,7,1,4108,192.168.254.82,4116,0,4128,Kyle's Workstation,4155,1,4154,Use Windows authentication for all users,4129,MYDOMAIN\kbrandt,4127,1,4149,Connections to other access servers,25,311 1 192.168.254.253 11/06/2009 15:32:42 4,4130,mydomain.com/Users/Kyle Brandt,4136,1,4142,0 192.168.254.82,kbrandt,11/06/2009,10:38:28,IAS,THESERVER,25,311 1 192.168.254.253 11/06/2009 15:32:42 4,4130,mydomain.com/Users/Kyle Brandt,4149,Connections to other access servers,4108,192.168.254.82,4116,0,4128,Kyle's Workstation,4155,1,4154,Use Windows authentication for all users,4129,MYDOMAIN\kbrandt,4127,1,4136,3,4142,66
我是Radius新手,所以可能我没有configuration正确的东西。 我所做的只是安装服务,并使用Radius-Standard Vendor将我的IP作为RADIUS客户端添加。
得到它的工作,我删除了那里的政策。 然后为我所在的组添加一个,还必须添加PAP身份validation。 关于为什么我被拒绝的更多信息可以在事件查看器中find。