On 03/03/2011 11:07 PM, robert22 wrote:
McNutt, Justin M. wrote:
Also check that winbind is working like this:
wbinfo --all-domains
If you don't see a list of all valid NT-style domains, winbind is broken
and you'll have to fix that first.
that command displays all the domains correctly.
However, running the ntlm_auth command with the challange and response gives
a "Logon failure (0xc000006d)"
root@FREERADIUS:~# ntlm_auth --request-nt-key --username=0024D6650564
--domain=MY.ACTUAL.DOMAIN --challenge=9034daf90ecd43a3
--nt-response=cd206503887edb3e33ac801d348cd30a7aefa411651be9d0
Logon failure (0xc000006d)
Well, that's pretty clear. The response is not valid, meaning that
either the password is wrong somewhere, or samba is corrupting things
(which has happened in some buggy versions)
Are you sure the mschap client is using the right password, and matches
the password in the domain?
Can you do a plaintext auth with the password you expect it to be?
ntlm_auth --username=<themac> --password=<the value>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
