Packetfence server is added to the domain and pf is in the wbpriv group. Stepping back, I tried a user connection with wbinfo and got this:
[root@pfcv samba]# wbinfo -a testacct%password plaintext password authentication failed Could not authenticate user testacct%password with plaintext password challenge/response password authentication failed error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc000018b) error message was: No trusted SAM account Could not authenticate user omnicompacct with challenge/response From: Tim DeNike [mailto:[email protected]] Sent: Tuesday, August 12, 2014 12:26 PM To: [email protected] Subject: Re: [PacketFence-users] "No trusted SAM account" Did you add Packetfence to the domain? Also, make sure the pf user is in the wbpriv group (I think its wbpriv) so it is able to do win bind querys. On Tue, Aug 12, 2014 at 12:13 PM, Stormont, Stephen (IMS) <[email protected]<mailto:[email protected]>> wrote: We are very close to getting 802.1x working in our environment, but now are getting the “No trusted SAM account” message below. The computer that we are trying this on does have a machine account in the domain. It is a Windows 7 machine, that we have started the “Wired AutoConfig” service. In the “Authentication” section of the connection properties, we have checked “Enable IEEE 802.1X authentication”, Microsoft: Protected EAP (PEAP), “Remember my credentials for this connection each time I’m logged on”, and “Fallback to unauthorized network access”. Under “Setings”, the only option that is checked is “Enable Fast Reconnect” and we have selected “Secured password (EAP-MSCHAP v2)”. Under “Advanced settings”, we have checked “Specify authentication mode” and selected “Computer Authentication”. End of our radius.log Tue Aug 12 11:55:59 2014 : Auth: Login incorrect (mschap: External script says No trusted SAM account (0xc000018b)): [host/LT-T430-3.omni.imsweb.com<http://LT-T430-3.omni.imsweb.com>] (from client 172.22.34.2 port 4028 cli 3C-97-0E-AD-B6-6B via TLS tunnel) Tue Aug 12 11:55:59 2014 : Auth: Login incorrect: [host/LT-T430-3.omni.imsweb.com<http://LT-T430-3.omni.imsweb.com>] (from client 172.22.34.2 port 4028 cli 3C-97-0E-AD-B6-6B) Tue Aug 12 11:56:58 2014 : Auth: Login incorrect (mschap: External script says No trusted SAM account (0xc000018b)): [host/LT-T430-3.omni.imsweb.com<http://LT-T430-3.omni.imsweb.com>] (from client 172.22.34.2 port 4028 cli 3C-97-0E-AD-B6-6B via TLS tunnel) Tue Aug 12 11:56:58 2014 : Auth: Login incorrect: [host/LT-T430-3.omni.imsweb.com<http://LT-T430-3.omni.imsweb.com>] (from client 172.22.34.2 port 4028 cli 3C-97-0E-AD-B6-6B) ________________________________ Information in this e-mail may be confidential. It is intended only for the addressee(s) identified above. If you are not the addressee(s), or an employee or agent of the addressee(s), please note that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify the sender of the error. ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users ________________________________ Information in this e-mail may be confidential. It is intended only for the addressee(s) identified above. If you are not the addressee(s), or an employee or agent of the addressee(s), please note that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify the sender of the error.
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
