Re: Hi. Windows RADIUS server died.
On Tue, 2005-08-09 at 18:47 -0400, Alan DeKok wrote: > The radius client that comes with FreeRADIUS? hehe. You mean it's that simple? Damn. Sorry didn't realise there was a client at all. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Hi. Windows RADIUS server died.
Derrick MacPherson <[EMAIL PROTECTED]> wrote: > I'm not sure what I can use other than turning our firewall at it. Is > there any other way? The radius client that comes with FreeRADIUS? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Hi. Windows RADIUS server died.
> Debug mode? > > There's no real ms-chap command-line utility that I know of. not using ms-chap. I'm not sure what I can use other than turning our firewall at it. Is there any other way? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Hi. Windows RADIUS server died.
Derrick MacPherson <[EMAIL PROTECTED]> wrote: > Is there a way to test if the authentication is passing or failing? Debug mode? There's no real ms-chap command-line utility that I know of. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Hi. Windows RADIUS server died.
On Tue, 2005-08-09 at 17:22 -0400, Alan DeKok wrote: > See radiusd.conf for an example, and the ntlm_auth docs for it's > command-line arguments. thank you, reading them now. Is there a way to test if the authentication is passing or failing? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Hi. Windows RADIUS server died.
Derrick MacPherson <[EMAIL PROTECTED]> wrote: > I see freeradius can use ntlm_auth as well, though I'm not clear on it's > syntax. See radiusd.conf for an example, and the ntlm_auth docs for it's command-line arguments. > I have squid using the same authentication criteria as the radius > server was using, that was based upon being in certain group. Can > freeradius support this as well? Sure, because FreeRADIUS doesn't care about command-line arguments to ntlm_auth. Add ass many arguments to ntlm_auth as you want. > ntlm_auth --helper-protocol=squid-2.5-ntlmssp This *isn't* supported. You have to pass the username & password on the command line, as in the examples. And if you're doing MSCHAP, you MUST also pass the "request nt key" option, too. > --require-membership -of=S-1-5-21-1058564242-1277044956-825688854-1337 > Domain Group (2) This is just noise to FreeRADIUS, which doesn't look at it, and doesn't care. If ntlm_auth returns success, so does FreeRADIUS. If it returns fail, so does FreeRADIUS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
