On 25/06/10 14:21, Nathan McDavit-Van Fleet wrote:
Okay,
I’ve had a working config with the following for the past month.
TTLS->LDAP
PEAP->AD
PEAP->Local Users File
After a month running everything perfectly, 3 days ago the “PEAP-AD”
portion of the AAA failed. This is for wireless auth.
Strangely, I can still auth from the CLI using ntlm_auth and wbinfo. So
it appears as if the Samba connection to the AD is fine. Nothing has
changed config wise between then and now, and I haven’t found any
interesting log information. You just get a “Login incorrect” when you
try to login via PEAP->AD. Everything else is verified as working.
Aside from Freeradius itself, what are the differences between using
ntlm_auth via CLI and via Freeradius?
Permissions? Including unix perms on the winbind socket, and perhaps
SELinux labelling.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
