有谁知道可以针对 Windows Radius 服务器测试身份验证的工具吗?
我努力了radtest和:
radtest -d /usr/share/freeradius/ kbrandt 'betYouCantGuess' theServer 10 secretIGaveforMyIP 0 192.168.254.82
但我明白:
Sending Access-Request of id 120 to 192.168.254.253 port 1812
User-Name = "kbrandt"
User-Password = "betYouCantGuess"
NAS-IP-Address = 192.168.254.82
NAS-Port = 10
Framed-Protocol = PPP
rad_recv: Access-Reject packet from host 192.168.254.253 port 1812, id=120, length=20
在服务器的日志中有:
192.168.254.82,kbrandt,11/06/2009,10:38:28,IAS,THESERVER,4,192.168.254.82,5,10,7,1,4108,192.168.254.82,4116,0,4128,Kyle's Workstation,4155,1,4154,Use Windows authentication for all users,4129,MYDOMAIN\kbrandt,4127,1,4149,Connections to other access servers,25,311 1 192.168.254.253 11/06/2009 15:32:42 4,4130,mydomain.com/Users/Kyle Brandt,4136,1,4142,0
192.168.254.82,kbrandt,11/06/2009,10:38:28,IAS,THESERVER,25,311 1 192.168.254.253 11/06/2009 15:32:42 4,4130,mydomain.com/Users/Kyle Brandt,4149,Connections to other access servers,4108,192.168.254.82,4116,0,4128,Kyle's Workstation,4155,1,4154,Use Windows authentication for all users,4129,MYDOMAIN\kbrandt,4127,1,4136,3,4142,66
我是 Radius 新手,所以可能配置不正确。我所做的就是安装服务,并使用 Radius-Standard Vendor 将我的 IP 添加为 RADIUS 客户端。
答案1
成功了,我删除了那里的策略。然后为我所在的组添加了一个策略,还必须添加 PAP 身份验证。有关我被拒绝的原因的更多信息可在事件查看器中找到。