AD, Groups, and LDAP (was Re: separating Users?)
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Thu Dec 3 23:27:33 CET 2009
Hi,
> Install freeradius2:
> yum clean all
> yum install freeradius2 freeradius2-utils freeradius2-ldap
note, there are other packages should you need eg SQL support
> Exec-Program output: winbind client not
> authorized to use winbindd_pam_auth_crap. Ensure
> permissions on
> /var/cache/samba/winbindd_privileged are set correctly. (0xc0000022)
>
> then the issue is that radiusd doesn't have
> access to the winbindd_privileged folder. You can fix with:
>
> chgrp radiusd /var/cache/samba/winbindd_privileged
> chmod g+rw /var/cache/samba/winbindd_privileged
..and we very very aware that if you install a SAMBA update
(eg theres an update released) then the post-install of the
SAMBA will reblat those permissions! :-(
you didnt note if you were SELinux enabled and any issues that
might befall that - I'm also not sure ....but does the freeradiusd2
package automatically put the right firewall holes into place too
(if not you'd need to add UDP 1812,1813 and 1814 to the incoming
rule chain....)
alan
More information about the Freeradius-Users
mailing list