On Tue, Dec 10, 2002 at 12:11:28AM -0300, Rodolfo Siviero Stein wrote: > I am trying to configure a freeradius server to authenticate users > in an NT Domain. I am using RedHat 7.3, but I am a newbie with smb > related things.
> I don't understand PAM very well, so I don't know if my PAM_SMB > configuration is working (I did it using authconfig).... > Anybody can send me a working radiusd PAM file (my files are > above)? > Is this way ( freradius -> PAM -> pam_smb -> NT Domain) the best way > to authenticate these users ? I see in the experimental.conf about a SMB > authication type , but I don't know how to use it. Use pam_winbind instead of pam_smb_auth; pam_smb_auth doesn't leverage the more secure NT-style communications, relying instead on basic Win9x-style authentication. Otherwise, PAM is probably as good as anything else at present. The one thing PAM can never give you is MS-CHAP support, but this is a theoretical distinction only, since freeradius MS-CHAP support currently doesn't interface with NT domains. -- Steve Langasek postmodern programmer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
