Hi,
my wifi clients authenticate via AD User which works fine.
If I try to authenticate via AD computer account it fails.
Log:
Jun 19 10:45:01.449 debug radiusd: A:Invalid user (rlm_ldap: User not found, rejecting request): [host/clientname.domain.de] (from client localhost port 10949 cli C4-D9-87-82-ED-D5)
Jun 19 10:45:01.451 debug iprulesmgr: Received RADIUS Packet (Length:'101',Code:'Access-Challenge',Id:'183', Calling-Station-id='C4-D9-87-82-ED-D5') from RADIUS Server (Ip:'127.0.0.1',Port:'1645') for User (nas-port:'10949',username:'host/clientname.domain.de').
Jun 19 10:45:01.451 debug iprulesmgr: Sending RADIUS Access Challenge (id='71') to RADIUS Client (ip-address='169.254.0.4',port='33836').
Jun 19 10:45:01.462 debug iprulesmgr: Received RADIUS Access Request (id='68') for user (calling-station-id='C4-D9-87-82-ED-D5',virtual-ap-index='3') from IEEE802dot1x RADIUS Client (ip-address='169.254.0.4',port='33836',called-station-id='00-24-A8-BF-4C-A2').
Jun 19 10:45:01.463 debug iprulesmgr: Sending RADIUS Packet (Length:'334',Code:'Access-Request',Id:'126', calling-station-id='C4-D9-87-82-ED-D5') to RADIUS Server (Ip:'127.0.0.1',Port:'1645') for User (nas-port:'10949',username:'host/clientname.domain.de').
Jun 19 10:45:01.464 debug radiusd: A:Login incorrect: [host/clientname.domain.de] (from client localhost port 10949 cli C4-D9-87-82-ED-D5)
Jun 19 10:45:01.465 debug iprulesmgr: Received RADIUS Packet (Length:'44',Code:'Access-Reject',Id:'126', Calling-Station-id='C4-D9-87-82-ED-D5') from RADIUS Server (Ip:'127.0.0.1',Port:'1645') for User (nas-port:'10949',username:'clientname.domain.de').
Am I missing any controller settings?
I have added the domaincomputer group to the active directory attribute groups but this does not resolve the probleme. The controller has joined the AD succesfully. AD user logins work just fine.
Let me know if you need more information.
thanks Marco