How to configure FreeRADIUS with zimbra to enable 802.1x authentication using LDAP ?

Question

I used Zimbra for many year, and a few web application use Zimbra account via LDAP for authentication.

Now I have a new wireless and I want to use Zimbra for authentications. I installed one new machine (opensuse) with freeradius and testing it (this is my first freeradius installation).

From command line radtest (for LDAP username/password) return Access-Accept

For wireless I used Ubquiti Unifi controller 3.1.10. When I start controller I get error on freeradius side:

ERROR: No authenitcation method (Auth-Type) found for the request: Rejecting the user

But, I did not send any user from unifi controller. I entered only ip-address, port and client security code

OK, if I try to connect on wifi from my device, I get prompt for username/password, but on freeradius server I get error:

[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Creating challenge hash with username: myusername
[mschap] Told to do MS-CHAPv2 for myusername with NT-Password
[mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect

I tried to create certificate but without success. However, I only want to use Zimbra accounts, I do not need any certificate.

I tried to ask google for help, and read many documentation, but without success.

Answer 1

The Problem here is the lake of Compatibility:

you need to configure Samba for LDAP:

This is a good site to help you with this:

http://www.server-world.info/en/note?os=CentOS_6&p=samba&f=4 # you have only to config the first part of the configuration written in this site

then you need to add a user to the LDAP DataBase with sambaSamPassword: This is the steps you have to do to add the Samba user to the LDAP:

FIRST create a new file "user1.ldif":
#vi user1.ldif
dn: uid=Student,ou=students,dc=server,dc=world #change it by your domain
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: sambaSamAccount
objectClass: top
uid: Student
sn: Student
givenName: Student
cn: Student
displayName: Student
uidNumber: 500
gidNumber: 500
userPassword: {crypt}$6$XPB9dlcHd5v/zKVq$Aem0FSKCIj.6hDD/I3yKdn3Zh5xmyXoo.vMldIQ/8NLgSGSnzbIkMGXu.OrzDRDgfbyByH5/qvuKBSYhXYN/30  #any crypted Password
sambaNTPassword: 38E85AD5FA5BAA20CA1BA1AF779445BD #any md4 password
gecos: Student
loginShell: /bin/bash
homeDirectory: /home/Student
sambasid: S-1-5-21-3090807595-3330218014-3090303682-500 (finished with the user ID)

THEN you add this user the ldap:
#ldapadd -x -D cn=admin,dc=server,dc=world-W -f user1.ldif

This has worked for me I hope it will work for you too.

Answer 2

How are stored your passwords in your Zimbra LDAP ? I'm using a LDAP for freeradius authentification and I had to store my passwords in cleartext inside the LDAP else the authentification match was failing.