On 21/08/13 23:44, Chris Parker wrote:
Okay, pardon my confusion then. I had been following a howto online
and it reported that the command when run manually will produce the
key.
Either way, I'm still having a failure in MSCHAP with radtest that
I'm not quite grasping.
Well, as I explained
Thank you for setting me on the right track; I have followed the directions on
http://deployingradius.com/documents/configuration/active_directory.html (the
bottom section on MSCHAP) and have ntlm_auth in the authenticate {} - as per
those directions.
When I run the ntlm_auth command manually,
Sorry for the individual emails, but I got things working with MSCHAP (w/
ntlm_auth) and WPA-EAP.
My issue was that when I got the two winbind errors, I did some more searching
and there's the potential that the freerad user did not have access to pipe
named: /var/run/samba/winbindd
That pipe
On 22/08/13 15:14, Chris Parker wrote:
Exec-Program output: Reading winbind reply failed! (0xc001)
Check the permissions on the winbind socket directory, specifically that
the freeradius daemon user can access it; this is usually at:
/var/cache/samba/winbindd_privileged
or
On 08/21/2013 05:11 AM, Chris Parker wrote:
Log output:
rad_recv: Access-Request packet from host 127.0.0.1 port 35826, id=114,
length=57
User-Name = wyse1
User-Password = K503D
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
# Executing section authorize from file
Thank you Phil!
That resolved my first steps, and I figured there was something like that. I
have poured over deployingfreeradius.com, but for the life of me I could not
find anything of assistance for my set up.
I have enabled the ntlm_auth line in modules/mschap but no password is sent to
When I poke around and try to deconstruct the issue, I find that ntlm_auth when
run manually retrieve the NT key, it does not do anything. It just says
NT_STATUS_OK: Success (0x0)
If I run the --diagnostics flag this is what I get...
root@leopard:/etc/freeradius# ntlm_auth --domain=WONKY
On 21/08/2013 19:28, Chris Parker wrote:
So I doubt this issue is with FR, but more of that Samba is being
cranky. I can never get ntlm_auth to give me that NT key, which I
feel if I could resolve that, I could continue with FR.
No. NT_KEY is only generated by mschap, not by username/password
On 21/08/2013 13:55, Chris Parker wrote:
Thank you Phil! That resolved my first steps, and I figured there was
something like that. I have poured over deployingfreeradius.com, but
for the life of me I could not find anything of assistance for my set
up.
Yeah... to be honest, I think I've just
Okay, pardon my confusion then. I had been following a howto online and it
reported that the command when run manually will produce the key.
Either way, I'm still having a failure in MSCHAP with radtest that I'm not
quite grasping.
On Aug 21, 2013, at 17:49, Phil Mayers
It seems that I have ntlm_auth configured to talk to Samba correctly. As it
positively works when run from the CLI and FR even shows a positive login, but
that positive login never seems to be sent to the authentication stage.
More food for thought once I tackle this, is that when I try to link
11 matches
Mail list logo