Hi,
I have a freebsd box with a working freeradius 1.0.4 on it.
PEAP works fine but I have to be logged before...
Here is my problem, when I try to log on my domain, Windows complains
about the fact that it is unable to find my profile on the server (or
sometimes that the domain X is
Hi,
Is it possible to authenticate a machine account with ntlm_auth ?
When a machine tries to authencate itself, the username looks like this:
host/hostname.domain.org
I don't know if ntlm_auth is able to understand this format...
Regards
Jeremy
-
List info/subscribe/unsubscribe? See
Hi,
I try to rewrite User-Name attr. from COMPUTER_NAME\\User-Name to
User-Name.
I prefer not to use the proxy.conf file because I've a lots of
differents COMPUTER_NAME.
I think attr_rewrite will do the job, but I don't know (I'm not very
good at regexp...)
Thanks
Jeremy
-
List
Hi,
I'm trying to setup a system which allow users to login for a specific
period (1 month, or 1 week, it depends on the type of the account) since
their first connection.
I manage to do this by a cron script which removes them from database,
but it's (really) crap... Is there any proper way
How can I add this OID to my machine certs ? using CA.certs script and xpextensions file ?
Regards,
Jeremy
Ben Walding ben.walding at gmail.com wrote:
I also found using machine certificates to be hit and miss (some
machines they'd be picked up, others they wouldn't - all XP SP2 with
Sorry, but I didn't find any references of this OID in the creation scripts in the
scripts directory (Ca.all, CA.certs...).
The only OID added seem to be 1.3.6.1.5.5.7.3.1 and 1.3.6.1.5.5.7.3.2 (in
xpextensions).
Is there any way to do this without patching openssl (like explained there
Hi Guy,
Do you know working supplicants with a GINA module ? aegis ? secureW2 ?
Regards,
Jeremy
[EMAIL PROTECTED] a crit:
Date: Thu, 1 Sep 2005 17:10:14 +0100
From: "Guy Davies" [EMAIL PROTECTED]
Subject: RE: Windows Client Authentification bevore Domain logon
To: "FreeRadius users
Hi,
I want to convert the User-Name recieved:
\host\login.server.domain.com to username.
What's the best way to do this ?
- using preprocess module and hints file:
DEFAULTPrefix == /host, Strip-User-Name = Yes
DEFAULTSuffix == .server.domain.com, Strip-User-Name = Yes
- using
Hi,
I want to use
- EAP-TLS for machine auth (with cert.)
then
- EAP-PEAP for the user auth (with login/password)
I managed to make both to work alone but not together...
I just want to follow the xp supplicant behaviour:
- computer auth. before logon to gain network access to the domain
Hi,
Hi,
- user auth after the doain controler has accepted logon.
Does anybody know if the windows XP supplicant is able to do this ?
Do I need a better supplicant ? aegis? secureW2? Funk Odissey ?
i believe it wont do anything useful or multifunctional like
you require. a good
Hi,
I looked in the samba 3.0.20 source code and I only found 2 calls to the
init_id_info2() function in the
samba/source/rpc_client/cli_netlogon.c file:
In the cli_netlogon_sam_logon() function:
701 init_id_info2(ctr.auth.id2, lp_workgroup(),
702
Hi,
I'm trying to set a PEAP Authentication with the rlm_mschap.c /
cli_netlogon.c hacks provided by M. Griego.
The user auth still working (as before), but the computer still not...
(a copy of the debug log. is in attachement)
According to the log, the rlm_mschap seems to be effective, but
Hello,
I want to do machine auth with PEAP for my laptop before windows logon.
I managed to do it with ntlm_auth before, but this time, I've another
problem, there is no PDC.
So, is it possible to use the users file instead like this:
computer_name User-Password ==
(As far as I remember it
Hello,
I'm under FreeBSD 6.0 - Freeradius 1.0.5
I did an install from the port (/usr/ports/net/freeradius) with
rlm_sql_mysql enabled.
I set radiusd_enable=YES in rc.conf
But when I reboot, radius doesn't start and I got this in my
/var/log/radius.log:
Sat Jan 28 00:39:55 2006 : Error:
James J J Hooper a écrit :
Radius is working fine ... ntlm_auth is returning 'Logon failure' i.e
either samba / your 2003 AD thinks the password is wrong (look at the event
viewer on the domain controller) or you do not have permission to
authenticate.
Well, I know that the password typed
Hello,
I try to secure my wireless LAN with freeradius.
I managed to do PEAP (with auth_ntlm) against a windows 2003 server AD.
Both machines and users auth work.
Now, I try to do the same (still PEAP) against a samba server acting as
PDC (not AD).
But, I have a problem, the machine (which
Well, I search for PEAP Machine Authentication, and I only found some
of my posts concerning how to make machine auth working against a
windows AD... nothing concerning a samba acting as PDC...
As I said, PEAP auth (both machine and user) work against an AD, the
problem only concerns the samba
Well, I solved my problem by setting this:
ntlm_auth = /usr/local/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name} --challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}
Thanks to everybody.
Jeremy
Jérémy Cluzel wrote
18 matches
Mail list logo