Hi Louis,
I’ve followed this hint
http://sourceforge.net/p/packetfence/mailman/message/34280896/ to get machine
accounts work properly..
So my configuration is:
realm.conf
[TESTDOMAIN]
domain=TESTSERVER
options=strip
[TESTDOMAIN.COM]
domain=TESTSERVER
options=strip
[NULL]
domain=TESTSERVER
options=nostrip
domain.conf
[TESTSERVER]
bind_pass=
dns_server=192.168.10.10
bind_dn=administrator
workgroup=TESTDOMAIN
ad_server=testserver.testdomain.com
server_name=testserver
dns_name=testdomain.com
proxy.conf.inc
# This file is generated from a template at
/usr/local/pf/conf/radiusd/proxy.conf.inc
# Any changes made to this file will be lost on restart
realm TESTDOMAIN {
strip
}
realm TESTDOMAIN.COM {
strip
}
realm NULL {
nostrip
}
Thanks in advance!
Dennis
Von: Louis Munro
Antworten an:
"[email protected]<mailto:[email protected]>"
Datum: Mittwoch, 5. August 2015 17:49
An:
"[email protected]<mailto:[email protected]>"
Betreff: Re: [PacketFence-users] Auth: Login incorrect (mschap: External script
says Reading winbind reply failed! (0xc0000001))
Looks to me like the domain is not correctly defined or you don’t have a
default domain.
Can you post conf/realm.conf, conf/domain.conf and raddb/proxy.conf.inc?
--
Louis Munro
[email protected]<mailto:[email protected]> ::
www.inverse.ca<http://www.inverse.ca>
+1.514.447.4918 x125 :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and
PacketFence (www.packetfence.org<http://www.packetfence.org>)
On Aug 5, 2015, at 11:23 , Dennis Schulmeyer
<[email protected]<mailto:[email protected]>> wrote:
Wed Aug 5 17:12:20 2015 : Debug: [eap] EAP/mschapv2
Wed Aug 5 17:12:20 2015 : Debug: [eap] processing type mschapv2
Wed Aug 5 17:12:20 2015 : Debug: [mschapv2] # Executing group from file
/usr/local/pf/raddb//sites-enabled/packetfence-tunnel
Wed Aug 5 17:12:20 2015 : Debug: [mschapv2] +group MS-CHAP {
Wed Aug 5 17:12:20 2015 : Debug: [mschapv2] ++? if (PacketFence-Domain)
Wed Aug 5 17:12:20 2015 : Debug: [mschapv2] ? Evaluating (PacketFence-Domain)
-> FALSE
Wed Aug 5 17:12:20 2015 : Debug: [mschapv2] ++? if (PacketFence-Domain) ->
FALSE
Wed Aug 5 17:12:20 2015 : Debug: [mschapv2] ++else else {
Wed Aug 5 17:12:20 2015 : Debug: [mschap] Creating challenge hash with
username: host/PC001.testdomain.com<http://pc001.testdomain.com/>
Wed Aug 5 17:12:20 2015 : Debug: [mschap] Client is using MS-CHAPv2 for
host/PC001.testdomain.com<http://pc001.testdomain.com/>, we need NT-Password
Wed Aug 5 17:12:20 2015 : Debug: [mschap] expand: %{Stripped-User-Name} ->
Wed Aug 5 17:12:20 2015 : Debug: [mschap] ... expanding second conditional
Wed Aug 5 17:12:20 2015 : Debug: [mschap] expand: %{mschap:User-Name:-None} ->
PC001$
Wed Aug 5 17:12:20 2015 : Debug: [mschap] expand:
--username=%{%{Stripped-User-Name}:-%{mschap:User-Name:-None}} ->
--username=PC001$
Wed Aug 5 17:12:20 2015 : Debug: [mschap] Creating challenge hash with
username: host/PC001.testdomain.com<http://pc001.testdomain.com/>
Wed Aug 5 17:12:20 2015 : Debug: [mschap] expand:
--challenge=%{mschap:Challenge:-00} -> --challenge=008ed3fa50ed746a
Wed Aug 5 17:12:20 2015 : Debug: [mschap] expand:
--nt-response=%{mschap:NT-Response:-00} ->
--nt-response=5ddae5e07d7a2dc1733531fce4eb8a772ad350309533952d
Wed Aug 5 17:12:20 2015 : Debug: [mschap] Exec: program returned: 1
Wed Aug 5 17:12:20 2015 : Debug: [mschap] External script failed.
Wed Aug 5 17:12:20 2015 : Debug: [mschap] FAILED: MS-CHAP2-Response is
incorrect
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
