subject:"centralised authentication \(freeradius using pam

Re: centralised authentication (freeradius using pam_windbind thru NT domains)

2003-03-31 Thread Alan DeKok

Jay Ungab <[EMAIL PROTECTED]> wrote:
> However, I can't successfully login to my NAS accounts when I try to
> dialin using the account of my NT domain user database. I also try
> to use the radtest utility if my account can authenticate using the
> NT domain user database but no success at all also. But using the
> redhat system account its work. Does anyone know where should I
> focus my troubleshooting?

  Run the server in debugging mode, and read it's output?

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

centralised authentication (freeradius using pam_windbind thru NT domains)

2003-03-31 Thread Jay Ungab


Hi All,

I have a queries. The following scenario are already implemented in
my heterogenous systems test site.
I already centralise my authentication to use the NT domain using a
pam_windbind module. Any NT domain users
can login already to my unix box using the account in our NT domain machine
server. 

My real problem persist are for my RAS authentication. I setup my
freeradius using a redhat 7.3 OS
to use the autheticate to my NT domains users database instead of creating
each users or synchronizing the
accounts in redhat box. In my pam.d configuration in "radiusd and smb-auth",
I add the entries below suggested
in this list. ( see below of my entries). However, I can't successfully
login to my NAS accounts when I try to dialin
using the account of my NT domain user database. I also try to use the
radtest utility if my account can authenticate
using the NT domain user database but no success at all also. But using the
redhat system account its work. Does
anyone know where should I focus my troubleshooting? What authentication
modules should be ideal for my setup
using the freeradius? Any suggestion, pointers and advise are really
appreciated. If anybody in this list successfully
done this setup, please lean me your configurations. Many thanks in advance.

radiusd:

#%PAM-1.0
authrequired/lib/security/pam_securetty.so
authrequired/lib/security/pam_stack.so service=smb-auth
authrequired/lib/security/pam_nologin.so
account required/lib/security/pam_stack.so service=smb-auth
passwordrequired/lib/security/pam_stack.so service=smb-auth
session required/lib/security/pam_stack.so service=smb-auth
session optional/lib/security/pam_console.so

smb-auth:

#%PAM-1.0
authrequired/lib/security/pam_env.so
authsufficient  /lib/security/pam_winbind.so
authrequired/lib/security/pam_deny.so
account sufficient  /lib/security/pam_winbind.so
account required/lib/security/pam_unix.so
passwordrequired/lib/security/pam_cracklib.so retry=3 type=
passwordsufficient  /lib/security/pam_unix.so nullok use_authtok
md5 shadow
passwordrequired/lib/security/pam_deny.so
session required/lib/security/pam_limits.so
session required/lib/security/pam_unix.so



Regards

Jay Ungab
Jardine Direct Company Inc - OSSC
3/F, Jardine Davies Building
222 Sen. Gil J. Puyat Avenue
Makati City, Philippines
Telephone: +63 2 8920190 extension 231
Voice/IP (from ATL & Devon): 50-1110-231
Fax: +63 2 8939569
Network Team Mobile: +63 918 9225905
Email: [EMAIL PROTECTED]


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: centralised authentication (freeradius using pam_windbind thru NT domains)

centralised authentication (freeradius using pam_windbind thru NT domains)

2 matches

Site Navigation

Mail list logo

Footer information