|
Hello,
I've compiled freeradius with pam functionality. I created a module named radiusd in /etc/pam.d to establish an authentication against the NT-Domain.
The modules listed following
#%PAM-1.0 auth sufficient /lib/security/pam_winbind.so auth required /lib/security/pam_unix_auth.so shadow md5 nullok auth required /lib/security/pam_nologin.so account required /lib/security/pam_winbind.so account required /lib/security/pam_unix_acct.so password required /lib/security/pam_winbind.so password required /lib/security/pam_cracklib.so password required /lib/security/pam_unix_passwd.so shadow md5 nullok use_authok session required /lib/security/pam_unix_session.so
It doesn't work.
Please could anyone help me to solve this problem
The following message comes from my debugging. In /var/log/messages the user who I want to authenticate get an "granted acces".
So I think the password or the "ok" message doesn't reach the radius server.
rad_check_password: Found Auth-Type Pam auth: type "PAM" modcall: entering group authenticate pam_pass: using pamauth string <radiusd> for pam.conf lookup pam_pass: function pam_acct_mgmt FAILED for <ihm>. Reason: Authentication service cannot retrieve authentication info. modcall[authenticate]: module "pam" returns reject modcall: group authenticate returns reject auth: Failed to validate the user.
Regards
Christian Ihm
|
- Re: Problem PAM authenticate against an NT-Domain Christian . Ihm
