No subject

Reveal MAP revealmapp at yahoo.fr
Tue Jul 15 16:48:06 CEST 2008


Hello list!

after
i succeed creating my CA, (thanks a lot sergio), i encounter a new
problem with Active Directory integration! i succeded it with help of
this mailing list a couple of week ago, but in FR-2.0.2.

Now i use FR-2.0.5.
I
followed the HOWTO, so ntlm_auth and winbind authenticate successfully.
i didn't take a look at winbind_priviledge yet, but, when i try to
authenticate with a user of existing in active Directory (using
radtest), it just reject the user without no more message (taht i could
interpretate to find what is missing).



i set in /etc/raddb/module/mschap that lines:
----------------------------------------------------------------------------------------------
mschap {
    use_mppe = yes
    #require_encryption = yes
    #require_strong = yes
    with_ntdomain_hack = yes
   
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name} --challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"
}

but still noticed this line on the ouput too (at radiusd -X startup):
----------------------------------------------------------------------------------------------
Module: Linked to sub-module rlm_eap_mschapv2
 Module: Instantiating eap-mschapv2
   mschapv2 {
        with_ntdomain_hack = no //shouldn't it be yes instead of no here?
-------------------------------------------------------------------------------------------------


here is the entire output of RADIUSD -X. thanx for help:
--------------------------------------------------------------------------------------------
aaa:~ # radtest glouglou glouglou localhost 1812 testing123
Sending Access-Request of id 74 to 127.0.0.1 port 1812
        User-Name = "glouglou"
        User-Password = "glouglou"
        NAS-IP-Address = 127.0.0.2
        NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=74, length=20
--------------------------------------------------------------------------------------------



      _____________________________________________________________________________ 
Envoyez avec Yahoo! Mail. Une boite mail plus intelligente http://mail.yahoo.fr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080715/5a73ec85/attachment.html>


More information about the Freeradius-Users mailing list