Well I cannot provide proof that the Microsoft radius server is setting
the bit. However setting the MSV1_0_ALLOW_MSVCHAPV2 bit in the
request.data.auth_crap.logon_parameters of the
contact_winbind_auth_crap() function fixes the issue with ntlm_auth not
being able to authenticate mschapv2 to
On Tue, 2012-03-06 at 19:52 -0700, Glenn Machin wrote:
Well I cannot provide proof that the Microsoft radius server is
setting the bit. However setting the MSV1_0_ALLOW_MSVCHAPV2 bit in
the request.data.auth_crap.logon_parameters of the
contact_winbind_auth_crap() function fixes the issue
So what is the flag that should be set? From librpc/gen_ndr/netlogon.h
I see MSV1_0_ALLOW_MSVCHAPV2. Is that the flag that needs to be set?
I can't seem to find any documentation on that particular flag.
Glen
On 3/3/12 12:04 AM, Andrew Bartlett wrote:
On Fri, 2012-03-02 at 15:08
On Mon, 2012-03-05 at 10:54 -0700, Glenn Machin wrote:
So what is the flag that should be set? From librpc/gen_ndr/netlogon.h
I see MSV1_0_ALLOW_MSVCHAPV2. Is that the flag that needs to be set?
I can't seem to find any documentation on that particular flag.
This flag is set within the NTLM2 Session protocol or is it something
that can be set on the DC or the ActiveDirectory computer account of the
Samba client initiating the NTLM2 Session request?
Glenn
On 3/3/12 8:32 PM, Andrew Bartlett wrote:
What you can however do is set a flag telling
On Sun, 2012-03-04 at 06:43 -0700, Glenn Machin wrote:
This flag is set within the NTLM2 Session protocol or is it something
that can be set on the DC or the ActiveDirectory computer account of the
Samba client initiating the NTLM2 Session request?
logon_parameters is part of the netlogon