[Samba] ntlm_auth allowing users which are denied access

2012-10-30 Thread Prateek Kumar
Hi,
   I am using samba 3.2.2 with freeradius. I have joined the domain &
able to authenticate users with ntlm_auth.

If in ADS-2003 I configure the Remote Access Permission for the user (
User-properties-Dial-in ) as Deny then if I use the ntlm_auth
--username=user --password=password I get NT_STATUS_OK. What could be the
reason for this behavior, or is there any patch for this?

Also if I use windows server's radius server then I am not able to connect
my user because access is denied for that user.

Thanks & Regards,
Prateek
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba


Re: [Samba] ntlm_auth allowing users which are denied access

2012-10-30 Thread Andrew Bartlett
On Tue, 2012-10-30 at 16:27 +0530, Prateek Kumar wrote:
> Hi,
>    I am using samba 3.2.2 with freeradius. I have joined the domain &
> able to authenticate users with ntlm_auth.
>
> If in ADS-2003 I configure the Remote Access Permission for the user (
> User-properties-Dial-in ) as Deny then if I use the ntlm_auth
> --username=user --password=password I get NT_STATUS_OK. What could be the
> reason for this behavior, or is there any patch for this?
>
> Also if I use windows server's radius server then I am not able to connect
> my user because access is denied for that user.

There is nothing that ntlm_auth does to indicate to the DC that this is
for a remote access server, compared with say, Squid or a CIFS login.
That's why it doesn't fail.

Perhaps the --require-membership-of option might help, but I don't know
what that particular GUI option sets.

Andrew Bartlett

-- 
Andrew Bartlett                        http://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
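
The --require-membership-of suggestion from the reply above, as an added example that is not part of the original thread or of Samba's own code: a password-only check beside one that also demands group membership. The group name `EXAMPLE\RemoteAccess` is a placeholder, and `fake_ntlm_auth` is a constructed stand-in whose users, password and output text are made up so the script runs without a domain.

```shell
#!/bin/sh
# Added example (not from the thread). EXAMPLE\RemoteAccess is a placeholder
# group that an administrator keeps in step with who may connect remotely.
NTLM_AUTH=${NTLM_AUTH:-ntlm_auth}
REQUIRED_GROUP=${REQUIRED_GROUP:-'EXAMPLE\RemoteAccess'}

# Constructed stand-in for ntlm_auth so the script runs without a domain:
# "alice" is in the group, "bob" has a valid password but is not a member.
# The output text is constructed; only the NT_STATUS_OK marker is matched.
fake_ntlm_auth() {
    user='' pass='' group=''
    for arg in "$@"; do
        case $arg in
            --username=*) user=${arg#--username=} ;;
            --password=*) pass=${arg#--password=} ;;
            --require-membership-of=*) group=${arg#--require-membership-of=} ;;
        esac
    done
    if [ "$pass" != "correct-horse" ]; then
        echo "NT_STATUS_WRONG_PASSWORD (constructed)"; return 1
    fi
    if [ -n "$group" ] && [ "$user" != "alice" ]; then
        echo "NT_STATUS_LOGON_FAILURE (constructed)"; return 1
    fi
    echo "NT_STATUS_OK (constructed)"; return 0
}

# password_only USER PASS: the check the thread's command line performs.
# Note: --password on argv is visible in the process list while it runs.
password_only() {
    out=$("$NTLM_AUTH" --username="$1" --password="$2" 2>&1) || return 1
    case $out in *NT_STATUS_OK*) return 0 ;; *) return 1 ;; esac
}

# remote_access_allowed USER PASS: same check plus mandatory group membership,
# so a valid password alone is no longer enough for the RADIUS front end.
remote_access_allowed() {
    out=$("$NTLM_AUTH" --username="$1" --password="$2" \
        --require-membership-of="$REQUIRED_GROUP" 2>&1) || return 1
    case $out in *NT_STATUS_OK*) return 0 ;; *) return 1 ;; esac
}
```

Setting `NTLM_AUTH=fake_ntlm_auth` after sourcing the script exercises both functions against the stand-in; left unset, they call the real `ntlm_auth` on the PATH.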

