RE: 802.1x, PEAP, and AD

The server is sending: --username=AMS\\mcapelle You need to strip the domain, check the ntdomain option or nt_domain_hack -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, January 20, 2005 10:39 AM To:

RE: 802.1x, PEAP, and AD

realm ntdomain { format = prefix delimiter = \\ ignore_default = no ignore_null = no } -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday,

RE: 802.1x, PEAP, and AD

This is what I use ntlm_auth = /usr/local/samba/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge= %{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00} -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf

RE: LDAP, PEAP, Active Directory issue

@lists.freeradius.org Subject: RE: LDAP, PEAP, Active Directory issue Where is a good place to read the details of how ntlm_auth integrates in with AD ? Ron. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Willey Kurt D Sent: Thursday, January 13, 2005 3:27 PM

RE: Radius with SSL

)connection attempt failed rlm_ldap: search failed ldap_release_conn: Release Id: 0 -- On Mon, 10 Jan 2005, Willey Kurt D wrote: Use port 636 to your ldaps server, and let the radius server do the work. The hardest part is generating

RE: Radius with SSL

accept. TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca /usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_pkt.c:1052 ^Cslapd shutdown: waiting for 0 threads to terminate slapd stopped. - On Thu, 13 Jan 2005, Willey Kurt D wrote

RE: LDAP, PEAP, Active Directory issue

yes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Israel Fabio Alves Sent: Thursday, January 13, 2005 1:19 PM To: freeradius-users@lists.freeradius.org Subject: Re: LDAP, PEAP, Active Directory issue Hi, I have a question about the problem bellow. If

RE: LDAP, PEAP, Active Directory issue

Softerra ldap browser helped with AD structure Relevant radiusd.conf mschap { snip with_ntdomain_hack = yes ntlm_auth = /usr/local/samba/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge= %{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}

RE: LDAP, PEAP, Active Directory issue

Point ntlm_auth to your samba install; like: ntlm_auth = /your/install/location/samba/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge= %{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00} -Original Message- From: [EMAIL PROTECTED]

RE: LDAP, PEAP, Active Directory issue

Directory? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Willey Kurt D Sent: Thursday, January 13, 2005 12:21 PM To: freeradius-users@lists.freeradius.org Subject: RE: LDAP, PEAP, Active Directory issue yes -Original Message- From: [EMAIL PROTECTED

RE: LDAP, PEAP, Active Directory issue

. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Willey Kurt D Sent: Thursday, January 13, 2005 3:17 PM To: freeradius-users@lists.freeradius.org Subject: RE: LDAP, PEAP, Active Directory issue AD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL

RE: Radius with SSL

Use port 636 to your ldaps server, and let the radius server do the work. The hardest part is generating the certificate trust. Sample radiusd.conf for ldaps to Win2K AD: server = 127.0.0.1 port = 636 identity = cn=ldapuser,cn=users,dc=domain,dc=com

RE: Confirmation of LDAP/CHAP and AD

samba -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, January 05, 2005 11:24 AM To: freeradius-users@lists.freeradius.org Subject: Re: Confirmation of LDAP/CHAP and AD Okay. Thanks. Now my next question is would

RE: Handler failed in EAP/peap

The error is higher up the debug output -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hugo Sousa Sent: Sunday, August 15, 2004 2:06 PM To: [EMAIL PROTECTED] Subject: Handler failed in EAP/peap Hi all, I'm having a problem in the EAP/PEAP part, I

RE: PEAP-MSCHAPv2 and LDAP backend

You don't have to edit stuff out of the config... it normally just breaks stuff. Just edit your ldap settings, uncomment the ldap authen/authorize, and you should be ready to rock. -Original Message- From: Nathan Blackham [mailto:[EMAIL PROTECTED] Sent: Thursday, August 05, 2004 10:48 AM

RE: machine authentication w/ w2k ad

On Wed, 28 Jul 2004, Willey Kurt D wrote: I have FreeRADIUS (1.0.0-pre2) doing user authentication with W2K AD (peap, mschap, ldap, ntlm_auth); thanks to the archived posts for the help!! I want to use user authentication for non-domain machines (students, home laptops, etc - done

machine authentication w/ w2k ad

I have FreeRADIUS (1.0.0-pre2) doing user authentication with W2K AD (peap, mschap, ldap, ntlm_auth); thanks to the archived posts for the help!! I want to use user authentication for non-domain machines (students, home laptops, etc - done) and machine authentication for those in active directory

RE: x99_rlm.c error

Follow-up: FreeRADIUS 1.0.0-pre2 seems to compile and install correctly -Original Message- From: Willey Kurt D Sent: Friday, July 23, 2004 4:03 PM To: [EMAIL PROTECTED] Subject: x99_rlm.c error Can anyone shed some light on this error?? Fedora Core 2, FreeRADIUS 1.0.0-pre3 # CC=/usr

ntlm_auth

Anyone have a simple smb.conf they are willing to share for a Samba3-ntlm_auth install incorporated with FreeRADIUS?? THANKS!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

x99_rlm.c error

Can anyone shed some light on this error?? Fedora Core 2, FreeRADIUS 1.0.0-pre3 # CC=/usr/local/gcc-3.4.0/bin/gcc ./configure --prefix=/usr/local/radiusd --with-ldap --with-rlm-ldap-lib-dir=/usr/local/ldap/lib --with-rlm-ldap-include-dir=/usr/local/ldap/include/

RE: Dynamic VLAN assignment

I was under the impression that 1 AP = 1 VLAN. Has trunking been added? -Original Message- From: Artur Hecker [mailto:[EMAIL PROTECTED] Sent: Monday, May 24, 2004 5:40 PM To: [EMAIL PROTECTED] Subject: Re: Dynamic VLAN assignment i don't know, but i would say execute an external

RE: Freeradius Segmentation Fault on LDAP Bind

I am working on the same type of project with Fedora Core 1 and gcc 3.3.3, getting the same segmentation fault... I just built a new RedHat 9 test box with gcc 3.2.2-5; works great, even connecting to the LDAP server via OpenSSL. I think the problem may is gcc (on the OpenLDAP and/or FreeRADIUS

RE: Freeradius Segmentation Fault on LDAP Bind

a little time trying to get it to core dump, but I have not been successful. I did 'ulimit -c unlimited', enabled core dumps in radiusd.conf and compiled freeradius with --enable-developer. Yet, it still does not core dump on a segmentation fault. Willey Kurt D wrote: I am working on the same

RE: Freeradius Segmentation Fault on LDAP Bind

Hat has compiled OpenLDAP with SASL support for some time, and I have many other services that access OpenLDAP without a problem. Willey Kurt D wrote: Problem recreated on RH9 with gcc 3.4.0 Turns out the problem is not related to Fedora/RH or gcc: Remove --with-cyrus-sasl when you

RE: Segmentation fault on freeradius-0.9.3 and openldap-2.1.29

Thanks for the reply. I did that but there is no core file. -Original Message- From: Alan DeKok [mailto:[EMAIL PROTECTED] Sent: Friday, May 14, 2004 1:36 AM To: [EMAIL PROTECTED] Subject: Re: Segmentation fault on freeradius-0.9.3 and openldap-2.1.29 Willey Kurt D [EMAIL PROTECTED

RE: Segmentation fault on freeradius-0.9.3 and openldap-2.1.29

and openldap-2.1.29 Willey Kurt D [EMAIL PROTECTED] wrote: Thanks for the reply. I did that but there is no core file. Run it under gdb, I guess. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html