On 26/03/2013 18:03, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
o.k. many thanks for this phil. I'll probably have a bash at this but, as I've
done it before, just setting up radiator as something that just says yes/no
sounds a lot easier :-))
RADIATOR on Windows can use <AuthBY LSA> which is a direct access to AD method
and doesnt use SAMBA
stuff at all - you'd have the same problem with RADIATOR on Linux.
In the interests of clarity: The LSA isn't magic; it uses pretty much
the same RPCs as Samba does. There's nothing hidden or special, and no
"direct access".
The problem here is that Samba doesn't have any way to set
MSV1_0_ALLOW_MSVCHAPV2 when calling the relevant RPC. This is a trivial,
one-bit flag.
NPS and Radiator are obviously setting that flag when talking to the
RPC. We (because we're reliant on Samba) are not. Fix Samba, and we will
magically work - no effort required.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html