The how to lists the user account in bold indicating it should be modified to fit my environment. I created a user named rtest in active directory and am using that account for testing I do not think it will matter if I create a user called user to test with but I can.
There is an entry in the users file that states (according to the how to this can be used for testing) rtest Auth-type := "ntlm_auth" (Btw this fails unless ntlm_auth is inside quotes which is not shown in the how to) Which doesn't work using radtest. As far as the "warning" where exactly in the how to does it say to disable local auth because I sure didn't see it. This is enabled in the default install apparently because I sure didn't enable it. I appreciate the reply... --- Sent from Blackberry handheld device ----- Original Message ----- From: [EMAIL PROTECTED] <[EMAIL PROTECTED]> To: FreeRadius users mailing list <[email protected]> Sent: Wed Dec 03 18:10:09 2008 Subject: RE: Beating a dead horse, or freeradius 2.1.1 and active directory >Rupert had mentioned in this thread that the switch is sending a PAP request >and that it isn't being forwarded to the ntlm_auth module because of that, >which makes sense I suppose. I am wondering though is there a way to >configure the radius server to forward (or proxy) authentication requests to >the KDC for authentication? I think what I'm doing is a little outside of the >how-to that has been referenced. > .. > Module: Instantiating ntlm_auth > exec ntlm_auth { > wait = yes > program = "/usr/bin/ntlm_auth ntlm_auth --request-nt-key > --domain=SKYLIGHT --username=%{mschap:User-Name} --password=%{User-Password}" > input_pairs = "request" > shell_escape = yes > } .. >rad_recv: Access-Request packet from host <switch> port 1645, id=46, length=84 > User-Name = "rtest" > User-Password = "<omitted>" > NAS-Port = 2 > NAS-Port-Id = "tty2" > NAS-Port-Type = Virtual > Calling-Station-Id = "<omitted>" > NAS-IP-Address = +- entering group authorize {...} .. >[files] users: Matched entry rtest at line 1 >++[files] returns ok .. >Found Auth-Type = Local >WARNING: Please update your configuration, and remove 'Auth-Type = Local' So, what happened to following the howto? Why is user entry for rtest setting Auth-Type Local and not ntlm_auth? There is nothing like that mentioned in the instructions. Debug is also printing a clear warning that that is wrong. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
