32 (0)2 2552551
"King, Michael"
<[EMAIL PROTECTED]>
11/06/2006 04:04 PM
To
<[EMAIL PROTECTED]>, "FreeRadius
users mailing list"
cc
Subject
RE: freeradius and ntlm_auth howto
Some things I've noticed from
your attached files
Mod
Some things I've noticed from your attached
files
Module: Loaded MS-CHAP mschap: use_mppe =
yes mschap: require_encryption = yes mschap: require_strong =
yes
I've never enabled these before, I'm unaware what
affect they will have
tls: pem_file_type = yes tls: private_key_file
= "/e
Let's see if we can get this solved...
> -Original Message-
> Here's the full log:
> Waking up in 6 seconds...
> rad_recv: Access-Request packet from host 10.104.254.73:1645,
This is NOT the full log. The full log would have started with the line
/path/to/radiusd -X
Some important s
[EMAIL PROTECTED]
wrote on 10/27/2006 02:54:52 PM:
> Did you notice the response from ntlm_auth:
>
> Exec-Program: /usr/bin/ntlm_auth --request-nt-key
--username=sstruyf
> --challenge=decc4450c3b83d2c --nt-
> response=1af36673f68f926b4cc76bf8cd9f440d0c36396981ad345
> Exec-Program o
Did you notice the response from ntlm_auth:
Exec-Program: /usr/bin/ntlm_auth --request-nt-key
--username=sstruyf --challenge=decc4450c3b83d2c
--nt-response=1af36673f68f926b4cc76bf8cd9f440d0c36396981ad345
Exec-Program
output: Logon failure (0xc06d)
This indicates an invalid user
Here's the full log:
Waking up in 6 seconds...
rad_recv: Access-Request packet from
host 10.104.254.73:1645, id=67, length=259
User-Name
= "KMT-EU.KMTG.NET\\sstruyf"
Framed-MTU
= 1400
Called-Station-Id
= "0016.469b.7cd0"
Calling-Station-Id
= "0011.851a.cc37"
[EMAIL PROTECTED] wrote:
All,
I finally got it working, but not yet as i want.
The trick that made it work is settings auth-type := MSCHAPv2 for the
You should not do that, and should not *have* to do that.
Most likely you have not put the mschap module in the authorize section,
*or* you ha
All,
I finally got it working, but not yet
as i want.
The trick that made it work is settings
auth-type := MSCHAPv2 for the user(s) and i also started radiusd as root(changed
the rights without success to radiusd, but once everything is working i
will try to run again with radiusd user)
If i conn
[EMAIL PROTECTED] wrote:
> I am trying to authenticate my wifi users via our AD. I'm finding bits and
> pieces on the internet to configure things, but no completely usable
> howto.
What's missing from any of the HOWTO's? There's some on the Wiki,
and one on my site.
> Exec-Program-Wait: pla
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
The debugging output is exactly saying whats wrong
Exec-Program output: winbind client not authorized to use
winbindd_pam_auth_crap. Ensure permissions on
/var/cache/samba/winbindd_privileged are set correctly.
10 matches
Mail list logo