RADIUS Auth-Type

Bohannan, Chad W Chad_Bohannan at reyrey.com
Mon Dec 5 20:56:29 CET 2005


Alan,

      You seem to be one of the most knowledgeable folks on the list.
Can you provide any input? All help is appreciated.

 

 

Chad.

 

 

From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of
Bohannan, Chad W
Sent: Friday, December 02, 2005 12:51 PM
To: FreeRadius users mailing list
Subject: RADIUS Auth-Type

 

OK, here is the situation. I have successfully configured RADIUS to
authenticate/authorize NAS requests from my Cisco gear so long as the
user "Auth-Type= System". I have also managed to get Samba working and
have joined the radius server to the AD realm in question. This is
confirmed through the following:

 

ntlm_auth --request-nt-key --domain=MYDOMAIN --username=MYUID

password:xxxxx

NT_STATUS_OK: Success (0x0)

 

wbinfo -a MYUID%MYPASSWD

plaintext password authentication failed

error code was NT_STATUS_NO_SUCH_USER (0xc0000064)

error messsage was: No such user

Could not authenticate user MYUID%MTPASSWD with plaintext password

challenge/response password authentication succeeded

 

However, when I edit the /etc/raddb/users file and change the
"Auth-Type= System" to "Auth-Type=MSCAP" all authentication attempts
fail. Am I specifying the correct auth-type? Have I missed a step? Is
there something I can do (debug maybe) that will better assist in
identifying the problem? Any and all suggestions are appreciated. 

 

I am attempting to have RADIUS proxy authentication requests to AD, then
assign attributes if authentication succeeds.

 

 

Chad

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051205/6e28bfc8/attachment.html>


More information about the Freeradius-Users mailing list