The server is sending: --username=AMS\\mcapelle
You need to strip the domain, check the ntdomain option or
nt_domain_hack
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, January 20, 2005 10:39 AM
To:
realm ntdomain {
format = prefix
delimiter = \\
ignore_default = no
ignore_null = no
}
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday,
This is what I use
ntlm_auth = /usr/local/samba/bin/ntlm_auth --request-nt-key
--username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=
%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
@lists.freeradius.org
Subject: RE: LDAP, PEAP, Active Directory issue
Where is a good place to read the details of how ntlm_auth integrates in
with AD ?
Ron.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Willey
Kurt D
Sent: Thursday, January 13, 2005 3:27 PM
)connection attempt failed
rlm_ldap: search failed
ldap_release_conn: Release Id: 0
--
On Mon, 10 Jan 2005, Willey Kurt D wrote:
Use port 636 to your ldaps server, and let the radius server do the
work. The hardest part is generating
accept.
TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_pkt.c:1052
^Cslapd shutdown: waiting for 0 threads to terminate
slapd stopped.
-
On Thu, 13 Jan 2005, Willey Kurt D wrote
yes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Israel
Fabio Alves
Sent: Thursday, January 13, 2005 1:19 PM
To: freeradius-users@lists.freeradius.org
Subject: Re: LDAP, PEAP, Active Directory issue
Hi,
I have a question about the problem bellow.
If
Softerra ldap browser helped with AD structure
Relevant radiusd.conf
mschap {
snip
with_ntdomain_hack = yes
ntlm_auth = /usr/local/samba/bin/ntlm_auth --request-nt-key
--username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=
%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}
Point ntlm_auth to your samba install; like:
ntlm_auth = /your/install/location/samba/bin/ntlm_auth --request-nt-key
--username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=
%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}
-Original Message-
From: [EMAIL PROTECTED]
Directory?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Willey
Kurt D
Sent: Thursday, January 13, 2005 12:21 PM
To: freeradius-users@lists.freeradius.org
Subject: RE: LDAP, PEAP, Active Directory issue
yes
-Original Message-
From: [EMAIL PROTECTED
.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Willey
Kurt D
Sent: Thursday, January 13, 2005 3:17 PM
To: freeradius-users@lists.freeradius.org
Subject: RE: LDAP, PEAP, Active Directory issue
AD
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Use port 636 to your ldaps server, and let the radius server do the
work. The hardest part is generating the certificate trust.
Sample radiusd.conf for ldaps to Win2K AD:
server = 127.0.0.1
port = 636
identity = cn=ldapuser,cn=users,dc=domain,dc=com
samba
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, January 05, 2005 11:24 AM
To: freeradius-users@lists.freeradius.org
Subject: Re: Confirmation of LDAP/CHAP and AD
Okay. Thanks.
Now my next question is would
The error is higher up the debug output
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hugo Sousa
Sent: Sunday, August 15, 2004 2:06 PM
To: [EMAIL PROTECTED]
Subject: Handler failed in EAP/peap
Hi all,
I'm having a problem in the EAP/PEAP part, I
You don't have to edit stuff out of the config... it normally just
breaks stuff. Just edit your ldap settings, uncomment the ldap
authen/authorize, and you should be ready to rock.
-Original Message-
From: Nathan Blackham [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 05, 2004 10:48 AM
On Wed, 28 Jul 2004, Willey Kurt D wrote:
I have FreeRADIUS (1.0.0-pre2) doing user authentication with W2K AD
(peap, mschap, ldap, ntlm_auth); thanks to the archived posts for the
help!!
I want to use user authentication for non-domain machines (students,
home laptops, etc - done
I have FreeRADIUS (1.0.0-pre2) doing user authentication with W2K AD
(peap, mschap, ldap, ntlm_auth); thanks to the archived posts for the
help!!
I want to use user authentication for non-domain machines (students,
home laptops, etc - done) and machine authentication for those in active
directory
Follow-up: FreeRADIUS 1.0.0-pre2 seems to compile and install correctly
-Original Message-
From: Willey Kurt D
Sent: Friday, July 23, 2004 4:03 PM
To: [EMAIL PROTECTED]
Subject: x99_rlm.c error
Can anyone shed some light on this error??
Fedora Core 2, FreeRADIUS 1.0.0-pre3
# CC=/usr
Anyone have a simple smb.conf they are willing to share for a
Samba3-ntlm_auth install incorporated with FreeRADIUS??
THANKS!!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Can anyone shed some light on this error??
Fedora Core 2, FreeRADIUS 1.0.0-pre3
# CC=/usr/local/gcc-3.4.0/bin/gcc ./configure
--prefix=/usr/local/radiusd --with-ldap
--with-rlm-ldap-lib-dir=/usr/local/ldap/lib
--with-rlm-ldap-include-dir=/usr/local/ldap/include/
I was under the impression that 1 AP = 1 VLAN. Has trunking been added?
-Original Message-
From: Artur Hecker [mailto:[EMAIL PROTECTED]
Sent: Monday, May 24, 2004 5:40 PM
To: [EMAIL PROTECTED]
Subject: Re: Dynamic VLAN assignment
i don't know, but i would say execute an external
I am working on the same type of project with Fedora Core 1 and gcc
3.3.3, getting the same segmentation fault...
I just built a new RedHat 9 test box with gcc 3.2.2-5; works great, even
connecting to the LDAP server via OpenSSL.
I think the problem may is gcc (on the OpenLDAP and/or FreeRADIUS
a little time trying to get it to core dump, but I have not been
successful. I did 'ulimit -c unlimited', enabled core dumps in
radiusd.conf and compiled freeradius with --enable-developer. Yet, it
still does not core dump on a segmentation fault.
Willey Kurt D wrote:
I am working on the same
Hat has compiled OpenLDAP
with SASL support for some time, and I have many other services that
access OpenLDAP without a problem.
Willey Kurt D wrote:
Problem recreated on RH9 with gcc 3.4.0
Turns out the problem is not related to Fedora/RH or gcc:
Remove --with-cyrus-sasl when you
Thanks for the reply. I did that but there is no core file.
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]
Sent: Friday, May 14, 2004 1:36 AM
To: [EMAIL PROTECTED]
Subject: Re: Segmentation fault on freeradius-0.9.3 and openldap-2.1.29
Willey Kurt D [EMAIL PROTECTED
and openldap-2.1.29
Willey Kurt D [EMAIL PROTECTED] wrote:
Thanks for the reply. I did that but there is no core file.
Run it under gdb, I guess.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
26 matches
Mail list logo