Bryce Mackintosh <[email protected]> wrote: >The problem isn't specific to one machine - All the machines I test >cause >the same ntlm_auth result. They are all correctly joined to the domain. > > >On 19 October 2012 13:28, Chitrang Srivastava ><[email protected] >> wrote: > >> Did the machine joined the AD domain before ntlm_auth (use net join >to do >> that ). >> >> >> On Fri, Oct 19, 2012 at 1:49 PM, Bryce Mackintosh ><[email protected]>wrote: >> >>> Hi, >>> >>> I've been trying to get machine auth working for a good while and >I'm >>> currently stuck trying to figure out why ntlm_auth is returning "No >logon >>> workstation trust account (0xc0000199)". I've double checked AD and >the >>> account definitely exists, and the machine has no problem logging >into the >>> domain. User auth works fine. >>> >>> Here's an example command: >>> >>> /usr/bin/ntlm_auth --request-nt-key --username=NOLP3003$ >--domain=FOO >>> --challenge=4a8904ffb0ba86d2 >>> --nt-response=7ab480ea0a0754603629da316c9911935ff3c92daffcc621 >>> No logon workstation trust account (0xc0000199) >>> >>> ntlm_auth is version 3.6.1-34.3.1-2691-SUSE-SL12.1-x86_64 >>> >>> Does anyone have any suggestions? I realise that this isn't really a >>> Freeradius issue, but I'm hoping someone here has come across this >before. >>> >>> Thanks in advance, >>> >>> Bryce >>> >>> - >>> List info/subscribe/unsubscribe? See >>> http://www.freeradius.org/list/users.html >>> >> >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > >------------------------------------------------------------------------ > >- >List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html
There was an issue with earlier versions of samba not setting a particular flag on the rpc, so machine auth always failed. But that was a long time ago. Is there some domain policy preventing it? -- Sent from my phone. Please excuse brevity and typos. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
