Got things working...yeah!
started with fresh user, ntlm_auth and mschap files, edited according to
tutorial. I then got the following error:
winbind client not authorized to use winbindd_pam_auth_crap
I had already changed permissions yesterday, but did it again.
I was able to login using mschap after that.
Just curious, the tutorial shows the following:
ntlm_auth = "*/path/to/ntlm_auth* --request-nt-key
--username=%{mschap:User-Name:-None}
--domain=%{%{mschap:NT-Domain}:-*MYDOMAIN*}
--challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"
But, mschap shows:
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username=%{%{Stripped-User-Name}:-%{User-Name:-None}}
--challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
}
I added the domain info, but wonder if we should just be doing a
copy/paste from the tutorial and edit the path and domain items.
On 02/18/2011 10:01 AM, Alan DeKok wrote:
Raymond Norton wrote:
Just curious if the hyphen is supposed to be in front of the domain
name on this line:
Yes. "man unlang". Look for ":-"
ntlm_auth = "*/path/to/ntlm_auth* --request-nt-key
--username=%{mschap:User-Name:-None}
--domain=%{%{mschap:NT-Domain}:-*MYDOMAIN*}
--challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"
------------------------------------------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
