Hi, Here is what I found in your log: [...] Exec-Program output: winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/cache/samba/winbindd_privileged are set correctly. (0xc0000022) Exec-Program-Wait: plaintext: winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/cache/samba/winbindd_privileged are set correctly. (0xc0000022) Exec-Program: returned: 1 [...]
Try to troubleshoot winbind. It seems that there may be a permission problem. Regards, Charles > Hi There > > I have configured the Freeradius on Fedora core 3 as per the > documentation > > [EMAIL PROTECTED] raddb]# ntlm_auth --request-nt-key --domain=INDIA > --username=checkad > password: > NT_STATUS_OK: Success (0x0) > [EMAIL PROTECTED] raddb]# > > When I start the the Radius Server using Radius -X command Starts fine. > > When I give the logon credentials through the wireless laptop the user > doesn't get validated. > > Please help me out. If you need the any config files for your reference, > please let me know.Atached is the log file of output generated. > > Also guide me, as I have already given allow permissions to users with > Dialin Permissions in AD domain. > > > Thanks & Regards > Varun Marwah > CONFIDENTIALITY NOTICE > This e-mail transmission and any documents, files, or previous e-mail > messages appended or attached to it, may contain information that is > confidential or legally privileged. If you are not the intended > recipient, or a person responsible for delivering it to the intended > recipient, you are hereby notified that any disclosure, copying, > printing, distribution, or use of the information contained or attached > to this transmission is STRICTLY PROHIBITED. If you have received this > transmission in error, please immediately notify the sender by telephone > (+91-172-2299137) or return e-mail message ([EMAIL PROTECTED]) and > delete the original transmission, its attachments, and any copies > without reading or saving in any manner. Thank you. > > -----Original Message----- > From: charles schwartz [mailto:[EMAIL PROTECTED] > Sent: Monday, November 28, 2005 10:51 PM > To: freeradius-users@lists.freeradius.org > Cc: Varun Marwah > Subject: Re: AD authentication > > Hi, > > If the wbinfo command does not work, ntlm_auth won't work too. > > > > error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da) > > > > error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO > > This error indicates that something went wrong with the domain access. > Try to troubleshoot by using wbinfo -g or wbinfo -u. > With these commands you should be able to list the users and groups of > your domain. > > There may be a problem with NTLM on your Windows2003 server. > Note thath NTLM was the authentication protocol used by earlier version > of Windows. > It is still supported for backward compatibility, but can be disabled. > By default, Win2k and 2003 use Kerberos for authentication. > > You might have a security policy thats restricts the use of NTLM on your > network. > Check your GPO if NTLM is allowed to be transmitted across the network. > > > Regards, > Charles Schwartz > > > > > > Hi, > > > > > > > > I used the document freeRadius_AD_tutorial.pdf for configuring a linux > > box to get authenticated through users in Windows 2003 AD. > > > > > > > > I used the command net join -U Administrator to add the machine to the > > domain. It gave successful results. Now on typing the command > > > > > > > > wbinfo -a checkad%Quark_123 > > > > > > > > I got the following results:- > > > > > > > > plaintext password authentication failed > > > > error code was NT_STATUS_NO_SUCH_USER (0xc0000064) > > > > error messsage was: No such user > > > > Could not authenticate user checkad%Quark_123 with plaintext password > > > > challenge/response password authentication failed > > > > error code was NT_STATUS_CANT_ACCESS_DOMAIN_INFO (0xc00000da) > > > > error messsage was: NT_STATUS_CANT_ACCESS_DOMAIN_INFO > > > > Could not authenticate user checkad with challenge/response > > > > > > > > Also, on giving the command > > > > > > > > # ntlm_auth --request-nt-key --domain=india.quark.com --username= > > checkad > > > > password: > > > > NT_STATUS_CANT_ACCESS_DOMAIN_INFO: NT_STATUS_CANT_ACCESS_DOMAIN_INFO > > (0xc00000da) > > > > [EMAIL PROTECTED] etc]# > > > > I get the above stated error. Please help. > > > > Thanks & Regards > > > > Varun Marwah > > > > CONFIDENTIALITY NOTICE > > > > This e-mail transmission and any documents, files, or previous e-mail > > messages appended or attached to it, may contain information that is > > confidential or legally privileged. If you are not the intended > > recipient, or a person responsible for delivering it to the intended > > recipient, you are hereby notified that any disclosure, copying, > > printing, distribution, or use of the information contained or > attached > > to this transmission is STRICTLY PROHIBITED. If you have received this > > transmission in error, please immediately notify the sender by > telephone > > (+91-172-2299137) or return e-mail message ([EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]> ) and delete the original transmission, its > > attachments, and any copies without reading or saving in any manner. > > Thank you. > > > > > > > > -- > This message has been scanned for viruses and > dangerous content by Quark Anti Virus, and is > believed to be clean. > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
