RE: freeradius and ntlm_auth howto

2006-11-06 Thread Stieven . Struyf
32 (0)2 2552551 "King, Michael" <[EMAIL PROTECTED]> 11/06/2006 04:04 PM To <[EMAIL PROTECTED]>, "FreeRadius users mailing list" cc Subject RE: freeradius and ntlm_auth howto Some things I've noticed from your attached files   Mod

RE: freeradius and ntlm_auth howto

2006-11-06 Thread King, Michael
Some things I've noticed from your attached files   Module: Loaded MS-CHAP  mschap: use_mppe = yes mschap: require_encryption = yes mschap: require_strong = yes   I've never enabled these before, I'm unaware what affect they will have     tls: pem_file_type = yes tls: private_key_file = "/e

RE: freeradius and ntlm_auth howto

2006-10-27 Thread King, Michael
Let's see if we can get this solved... > -Original Message- > Here's the full log: > Waking up in 6 seconds... > rad_recv: Access-Request packet from host 10.104.254.73:1645, This is NOT the full log. The full log would have started with the line /path/to/radiusd -X Some important s

RE: freeradius and ntlm_auth howto

2006-10-27 Thread Stieven . Struyf
[EMAIL PROTECTED] wrote on 10/27/2006 02:54:52 PM: > Did you notice the response from ntlm_auth: >   > Exec-Program: /usr/bin/ntlm_auth --request-nt-key --username=sstruyf > --challenge=decc4450c3b83d2c --nt- > response=1af36673f68f926b4cc76bf8cd9f440d0c36396981ad345 > Exec-Program o

RE: freeradius and ntlm_auth howto

2006-10-27 Thread Garber, Neal
Did you notice the response from ntlm_auth:   Exec-Program: /usr/bin/ntlm_auth --request-nt-key --username=sstruyf --challenge=decc4450c3b83d2c --nt-response=1af36673f68f926b4cc76bf8cd9f440d0c36396981ad345 Exec-Program output: Logon failure (0xc06d)   This indicates an invalid user

Re: freeradius and ntlm_auth howto

2006-10-27 Thread Stieven . Struyf
Here's the full log: Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.104.254.73:1645, id=67, length=259         User-Name = "KMT-EU.KMTG.NET\\sstruyf"         Framed-MTU = 1400         Called-Station-Id = "0016.469b.7cd0"         Calling-Station-Id = "0011.851a.cc37"        

Re: freeradius and ntlm_auth howto

2006-10-27 Thread Phil Mayers
[EMAIL PROTECTED] wrote: All, I finally got it working, but not yet as i want. The trick that made it work is settings auth-type := MSCHAPv2 for the You should not do that, and should not *have* to do that. Most likely you have not put the mschap module in the authorize section, *or* you ha

Re: freeradius and ntlm_auth howto

2006-10-27 Thread Stieven . Struyf
All, I finally got it working, but not yet as i want. The trick that made it work is settings auth-type := MSCHAPv2 for the user(s) and i also started radiusd as root(changed the rights without success to radiusd, but once everything is working i will try to run again with radiusd user) If i conn

Re: freeradius and ntlm_auth howto

2006-10-26 Thread Alan DeKok
[EMAIL PROTECTED] wrote: > I am trying to authenticate my wifi users via our AD. I'm finding bits and > pieces on the internet to configure things, but no completely usable > howto. What's missing from any of the HOWTO's? There's some on the Wiki, and one on my site. > Exec-Program-Wait: pla

RE: freeradius and ntlm_auth howto

2006-10-26 Thread Jonathan De Graeve
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 The debugging output is exactly saying whats wrong Exec-Program output: winbind client not authorized to use winbindd_pam_auth_crap. Ensure permissions on /var/cache/samba/winbindd_privileged are set correctly.