Hello, My PacketFence ZEN install seems to be having some trouble, or at least I am. The background is that this is a fresh deployment for lab purposes. Installation was completed following the installation guide. Now, I'm trying to setup a basic wireless configuration to use a local source for user authentication (not AD) to work with a Meraki AP. I have a little experience configuring FreeRADIUS to work as the backend for Meraki in such a setup, but have not run into this particular issue before.
At this point, in the RADIUS audit logs there's a REJECT with this reason: mschap: Program returned code (1) and output 'Reading winbind reply failed! (0xc0000001)' Cursory research suggests this is a permissions issue. Checking permissions suggests that the pf user is a member of wbpriv and also that wbpriv has read permissions on /var/lib/samba/winbindd_privileged/. [root@PacketFence-ZEN ~]# lid pf apache(gid=48) wbpriv(gid=88) pf(gid=989) fingerbank(gid=988) Because this is a lab, I went ahead and attempted to add permissions to the folder to see if that resolved the error: [root@PacketFence-ZEN ~]# chmod +r /var/lib/samba/winbindd_privileged/ [root@PacketFence-ZEN ~]# chmod +w /var/lib/samba/winbindd_privileged/ [root@PacketFence-ZEN ~]# chmod +x /var/lib/samba/winbindd_privileged/ [root@PacketFence-ZEN ~]# ls -l /var/lib/samba/ total 0 drwxrwxr-x. 2 root printadmin 6 Oct 30 22:32 drivers drwxr-xr-x. 2 root root 6 Oct 30 22:32 lock drwx------. 2 root root 6 Oct 30 22:32 private drwxr-xr-x. 2 root wbpriv 6 Oct 30 22:32 winbindd_privileged Curiously, it did not change the write permissions on the folder, but did add read and execute for "other" users. The issue persists with the same log entry, even after rebooting the server. I'm quite stumped. I have configured an htpasswd file to act as the back-end authentication source. I setup a profile to match on Wireless-8021x-EAP. I configured matching RADIUS shared secrets on the device and PF. Anyway, any pointers or suggestions are much appreciated. Thank you and have a great day, everyone!
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
