Some things I've noticed from your attached
files
Module: Loaded MS-CHAP mschap: use_mppe =
yesmschap: require_encryption = yesmschap: require_strong =
yes
I've never enabled these before, I'm unaware what
affect they will have
tls: pem_file_type = yestls: private_key_file
=
King, Michael
[EMAIL PROTECTED]
11/06/2006 04:04 PM
To
[EMAIL PROTECTED], FreeRadius
users mailing list freeradius-users@lists.freeradius.org
cc
Subject
RE: freeradius and ntlm_auth howto
Some things I've noticed from
your attached files
Module: Loaded MS-CHAP
mschap: use_mppe
All,
I finally got it working, but not yet
as i want.
The trick that made it work is settings
auth-type := MSCHAPv2 for the user(s) and i also started radiusd as root(changed
the rights without success to radiusd, but once everything is working i
will try to run again with radiusd user)
If i
[EMAIL PROTECTED] wrote:
All,
I finally got it working, but not yet as i want.
The trick that made it work is settings auth-type := MSCHAPv2 for the
You should not do that, and should not *have* to do that.
Most likely you have not put the mschap module in the authorize section,
*or* you
Here's the full log:
Waking up in 6 seconds...
rad_recv: Access-Request packet from
host 10.104.254.73:1645, id=67, length=259
User-Name
= KMT-EU.KMTG.NET\\sstruyf
Framed-MTU
= 1400
Called-Station-Id
= 0016.469b.7cd0
Calling-Station-Id
= 0011.851a.cc37
Service-Type
=
Did you notice the response from ntlm_auth:
Exec-Program: /usr/bin/ntlm_auth --request-nt-key
--username=sstruyf --challenge=decc4450c3b83d2c
--nt-response=1af36673f68f926b4cc76bf8cd9f440d0c36396981ad345
Exec-Program
output: Logon failure (0xc06d)
This indicates an invalid
[EMAIL PROTECTED]
wrote on 10/27/2006 02:54:52 PM:
Did you notice the response from ntlm_auth:
Exec-Program: /usr/bin/ntlm_auth --request-nt-key
--username=sstruyf
--challenge=decc4450c3b83d2c --nt-
response=1af36673f68f926b4cc76bf8cd9f440d0c36396981ad345
Exec-Program output:
Let's see if we can get this solved...
-Original Message-
Here's the full log:
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.104.254.73:1645,
This is NOT the full log. The full log would have started with the line
/path/to/radiusd -X
Some important
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
The debugging output is exactly saying whats wrong
Exec-Program output: winbind client not authorized to use
winbindd_pam_auth_crap. Ensure permissions on
/var/cache/samba/winbindd_privileged are set correctly.
[EMAIL PROTECTED] wrote:
I am trying to authenticate my wifi users via our AD. I'm finding bits and
pieces on the internet to configure things, but no completely usable
howto.
What's missing from any of the HOWTO's? There's some on the Wiki,
and one on my site.
Exec-Program-Wait:
10 matches
Mail list logo