>> j.cluzel wrote:
>> Is it possible to authenticate a machine account with ntlm_auth ?
>No. AD does not permit that.
> Alan DeKok.
I'm very frustrated now after spending a couple of weeks trying to get
free radius to authenticate my Win2k machine accounts against active
directory. :-(
Alan,
Alan,
Sorry about duplicating my original email. I found your reply about 3
seconds after doing that.
Here is the stack trace.
Maybe my version of ssl is too old?
[EMAIL PROTECTED] bin]$ openssl
OpenSSL> version
OpenSSL 0.9.7b 10 Apr 2003
#0 0x402d4a97 in eaptls_gen_mppe_keys (reply_vps=0x
Folks,
I'm repeating this message incase people thought it was not the
original. I had the Fw: on the front of the subject.
I'm trying to get TTLS/PAP working using freeradius 1.0.4. I must have
it configured incorrectly because its giving a Segmentation fault just
before giving the Access-Acce
Folks,
I'm trying to get TTLS/PAP working using freeradius 1.0.4. I must have
it configured incorrectly because its giving a Segmentation fault just
before giving the Access-Accept & EAP-Success back to the switch. I
have searched the archives for a solution but not found help to sort my
problem
Folks,
Could someone explain why we have to use samba to authenticate against active
directory. Is there any other way to authenticate MS-CHAP attributes against
active directory without using samba.
I don't have anything against samba, its just another thing to configure and
learn that I cou
Stéphane,
Thanks for the help.
Martin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of DELORT Stephane
Sent: 20 May 2005 12:48
To: freeradius-users@lists.freeradius.org
Subject: RE: Active Directory and mschapv2
Hello Martin,
You can use ntlm_auth to au
Folks,
I'd like freeradius to authenticate me to an Active directory using
mschapv2. Can it do that currently from the code it seems that it can
only do this for passwords stored locally.
Heres a comment from src/modules/rlm_mschap.c
/*
* Do the MS-CHAP stuff.
*
* This function is
Alan,
This is not causing me a problem at all. I was just wondering what I
had wrong in my configuration to cause it to happen.
Martin
5.44. Table of Attributes
The following table provides a guide to which attributes may be found
in which kinds of packets, and in what quantity.
Oops. I meant to say
It is NOT causing me a problem it is just not what is supposed to happen
I
think.
Sorry
Martin.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: 21 January 2005 10:12
To: freeradius-users@lists.freeradius.or
Alan,
I'm not using an NAS to send the Access-Request. I'm using
radeapclient.
It is causing me a problem it is just not what is supposed to happen I
think.
freeradius version 1.0.1
I had tried to attach some configuration files but they bounced off the
mail server saying " Message is bigger t
Joh,
Thanks for the suggestion. I tried it but I'm still getting attributes
in the Access-Challenge packet. The output is shown below.
Regards,
Martin.
[EMAIL PROTECTED] rlm_eap]$ ./radeapclient -x 10.230.199.211 auth
SharedSecret < ~/EAP/req.txt
+++> About to send encoded packet:
Hello all,
I was trying to get EAP-MD5 authentication working with freeradius. I'm
using radeapclient to send in the request.
I have a user in my users file as shown below.
DNIS:123456789 Auth-Type := Local, User-Password == "marty"
Service-Type = Framed-User,
Framed-Protocol =
Hello,
I think Freeradius does not comply with RFC3579 with respect of the EAP
Start packet.
RFC 3579 says that an empty EAP-Message attribute signifies the
EAP-Start. To me this means the following attribute hex 0x4f 0x02
An evaluation copy of Steel Belted RADIUS takes 0x4f 0x02 as a valid EAP
Alan,
The problem I was having is fixed in the latest CVS snapshot. The old
version of eap.c was printing out the EAP code as the identity.
>> Nothing. Use the latest CVS snapshot. 0.9.0 is *very* old.
DEBUG2(" rlm_eap: EAP packet type %s id %d length %d",
eap_types
Hello all,
I have two EAP related questions when running radiusd: FreeRADIUS
Version 0.9.0 running in debug mode -X.
Question 1. RFC 3579 states that "EAP-Start is indicated by sending an
EAP-Message attribute with a length of 2 (no data). I interpret this to
be the following two bytes '0x49 0x
15 matches
Mail list logo