On Tue, 22 Nov 2005, charles schwartz wrote: > Hi list, > > A lot of people on this list would like to integrate Active Directory with > FreeRADIUS in order to provide a transparent user authentication login > process. > > There are at least 2 ways to integrate AD: LDAP and NTLM. > I've written a tutorial about how to do this with NTLM (winbind, ntlm_auth). > The Windows supplicants are configured to work with PEAP and MSCHAPv2. > > You can download it from here: > http://homepages.lu/charlesschwartz/radius/freeRadius_AD_tutorial.pdf >
thanks for this. I change to use the /dev/random as per your tutorial but radiusd hangs. When I change the random_file back to the original then it works random_file = ${raddbdir}/certs/random In my tls section of eap.conf I have tls { private_key_password = whatever private_key_file = ${raddbdir}/certs/cert-srv.pem CA_file = ${raddbdir}/certs/demoCA/cacert.pem dh_file = ${raddbdir}/certs/dh random_file = /dev/random } But when I run radiusd -X it just hangs there after getting to the following. rlm_eap: Loaded and initialized type gtc tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "/etc/freeradius/certs/cert-srv.pem" tls: certificate_file = "/etc/freeradius/certs/cert-srv.pem" tls: CA_file = "/etc/freeradius/certs/demoCA/cacert.pem" tls: private_key_password = "whatever" tls: dh_file = "/etc/freeradius/certs/dh" tls: random_file = "/dev/random" tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = "(null)" And Strace shows 13519 open("/etc/freeradius/certs/demoCA/cacert.pem", O_RDONLY|O_LARGEFILE) = 6 13519 fstat64(6, {st_mode=S_IFREG|0644, st_size=1350, ...}) = 0 13519 open("/etc/freeradius/certs/cert-srv.pem", O_RDONLY|O_LARGEFILE) = 6 13519 fstat64(6, {st_mode=S_IFREG|0644, st_size=2429, ...}) = 0 13519 open("/etc/freeradius/certs/cert-srv.pem", O_RDONLY|O_LARGEFILE) = 6 13519 fstat64(6, {st_mode=S_IFREG|0644, st_size=2429, ...}) = 0 13519 stat64("/dev/random", {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 8), ...}) = 0 13519 open("/dev/random", O_RDONLY) = 6 [EMAIL PROTECTED] /usr/lib/ssl ]# ls -la /dev/random crw-rw-rw- 1 root root 1, 8 Nov 2 12:02 /dev/random [EMAIL PROTECTED] /usr/lib/ssl ]# ls -la /dev/urandom cr--r--r-- 1 root root 1, 9 Nov 2 12:02 /dev/urandom - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html