Re: Freeradius issue : Active Directory Integration

2013-10-04 Thread Andreas Sartori 
Hi,

 Hello,
 I am facing issue with MS CHAP authentication in Ubuntu 13.04 . Also
 NTLM Authentication takes place when putting 'wait = no' in
 /etc/freeradius/modules/ntlm_auth
 


is ntml_auth on the command line working?
Please provide some debug output.

regards
-andreas

-- 
___
FACHHOCHSCHULE SALZBURG GmbH
Salzburg University of Applied Sciences

Andreas Sartori
Systems Engineer
IS - Information Services

Lecturer
ITS - Information Technology and Systems Management
MMT - Multimedia Technology
Urstein Süd 1 | 5412 Puch/Salzburg | Austria
fon:  +43 (0)50-2211-1655 | fax: -1699
web: www.fh-salzburg.ac.at

Gerichtsstand Salzburg | FN166054y
___

- Original Message -
 From: Shameek Bhattacharya shamee...@gmail.com
 To: freeradius-users@lists.freeradius.org
 Sent: Friday, October 4, 2013 8:02:59 AM
 Subject: Freeradius issue : Active Directory Integration
 
 
 
 
 
 
 Hello,
 I am facing issue with MS CHAP authentication in Ubuntu 13.04 . Also
 NTLM Authentication takes place when putting 'wait = no' in
 /etc/freeradius/modules/ntlm_auth
 
 ie
 exec ntlm_auth {
 wait = no
 program = “/usr/bin/ntlm_auth -request-nt-key
 -username=%{mschap:User-Name} -password=%{User-Password}”
 }
 
 
 
 
 
 But MS CHAP fails completely . Tried all options but not working at
 all . I have another Freeradius Server with same configuration which
 is working perfectly. The only difference is that the faulty Radius
 Server was joined to Domain with a backup administrator account ,
 not with the default Domain Administrator account . Is this creating
 the issue ? Please suggest . I have attached the debug output.
 
 
 Regards,
 
 Shameek
 
 
 
 -
 List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Freeradius issue : Active Directory Integration

2013-10-04 Thread Alan Buxey 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi.

Wondering what authentication method you are using as maybe looking at wrong 
ntlm  check the mschap module for its ntlm_auth incantation.  Also, if you 
have doubts about the AD account used to bind them follow that up.  Get it 
bound in the same way. What does ntlm_auth do on the command line for you?


alan
- --
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-BEGIN PGP SIGNATURE-
Version: APG v1.0.8

iHkEAREIADkFAlJOYUIyHEFsYW4gQnV4ZXkgKEFsYW4gQnV4ZXkpIDxhLmwubS5i
dXhleUBsYm9yby5hYy51az4ACgkQobRdvRSkLC6y4ACdEIQs/dxW8YhNraSmI3pX
qbNXMmcAn2s9S34AfgH/JbgqjHiYr51Vw9uN
=lpVL
-END PGP SIGNATURE-

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Freeradius issue : Active Directory Integration

2013-10-04 Thread Phil Mayers 

On 10/04/2013 07:02 AM, Shameek Bhattacharya wrote:


Hello,
  I am facing issue with MS CHAP authentication in Ubuntu 13.04 .
Also NTLM Authentication takes place when putting 'wait = no' in
/etc/freeradius/modules/ntlm_auth

ie
exec ntlm_auth {
 wait = no


wait = no is wrong here. You need to wait, to check the result of 
authentication.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html