(freeradius 3) I'm trying to integrate freeradius with active directory in cenos 7.
Marcelo Martinez
marcelo.martinez at nexa.com.uy
Thu Sep 22 20:48:39 CEST 2016
My /etc/hosts:
cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4
localhost4.localdomain4
::1 localhost localhost.localdomain localhost6
localhost6.localdomain6
10.8.10.109 test.uy dc1.test.uy
On Thu, Sep 22, 2016 at 3:03 PM, Marcelo Martinez <
marcelo.martinez at nexa.com.uy> wrote:
> Hello,
>
> I'M trying to test radius with active directory administrator and radtest
> is showing this error:
>
> radtest -t mschap Administrator password localhost 0 testing123
> (0) Error parsing "-": ip_hton: Temporary failure in name resolution
>
> Radius is running without errors.
>
> The client is joined to the ad domain and ntml_auth, winbind are ok:
>
> ntlm_auth --request-nt-key --domain=TEST --username=Administrator
> –password=xxxx
> Password:
> NT_STATUS_OK: Success (0x0)
>
> systemctl status winbind
> ● winbind.service - Samba Winbind Daemon
> Loaded: loaded (/usr/lib/systemd/system/winbind.service; enabled;
> vendor preset: disabled)
> Active: active (running) since mar 2016-09-20 17:50:35 EDT; 1 day 5h ago
> Main PID: 1658 (winbindd)
> Status: "winbindd: ready to serve connections..."
> CGroup: /system.slice/winbind.service
> ├─1658 /usr/sbin/winbindd
> ├─1692 /usr/sbin/winbindd
> ├─1777 /usr/sbin/winbindd
> ├─1785 /usr/sbin/winbindd
> ├─1816 /usr/sbin/winbindd
> └─1827 /usr/sbin/winbindd
>
>
> net ads testjoin
> Join is OK
>
> Any help please?
>
> Thanks.-
>
>
> On Wed, Sep 21, 2016 at 9:55 AM, Johnny R [via FreeRADIUS] <
> ml-node+s1045715n5742645h79 at n5.nabble.com> wrote:
>
>> >I think all is working, but I don't know how to test freeradius with
>> active
>> >directory users on localhost (radius server)
>>
>> I think you might want to check first (following the how-to on the main
>> page):
>>
>> 1. if ntlm_auth / or wbinfo is working fine
>> 2. then just start radius in debugging mode and test with a live AD
>> user.
>>
>> Just my 2 cents,
>>
>>
>> Regards,
>>
>> v4s[at]#unrelated | "sh3ll is just the beginning"
>>
>>
>>
>>
>>
>> On Wed, Sep 21, 2016 at 3:47 PM, Marcelo Martinez <
>> [hidden email] <http:///user/SendEmail.jtp?type=node&node=5742645&i=0>>
>> wrote:
>>
>> > Hello,
>> >
>> > Thanks alan and other users for the help.
>> > I think all is working, but I don't know how to test freeradius with
>> active
>> > directory users on localhost (radius server)
>>
>> Sorry for the dumb question.
>>
>> >
>> > Any help please?
>> >
>> > Thanks.-
>> >
>> > On Mon, Sep 19, 2016 at 5:12 PM, Marcelo Martinez <
>> > [hidden email] <http:///user/SendEmail.jtp?type=node&node=5742645&i=1>>
>> wrote:
>> >
>> > > I fixed the issue with radtest.
>> > >
>> > > # radtest bob hello 127.0.0.1 0 testing123
>> > > Sending Access-Request Id 154 from 0.0.0.0:47029 to 127.0.0.1:1812
>> > > User-Name = 'bob'
>> > > User-Password = 'hello'
>> > > NAS-IP-Address = 192.168.72.22
>> > > NAS-Port = 0
>> > > Message-Authenticator = 0x00
>> > > Received Access-Accept Id 154 from 127.0.0.1:1812 to 127.0.0.1:47029
>> > > length 20
>> > >
>> > > Thanks.-
>> > >
>> > > On Mon, Sep 19, 2016 at 4:58 PM, Marcelo Martinez <
>> > > [hidden email]
>> <http:///user/SendEmail.jtp?type=node&node=5742645&i=2>> wrote:
>> > >
>> > >> winbind is running
>> > >>
>> > >> # systemctl status winbind
>> > >> ● winbind.service - Samba Winbind Daemon
>> > >> Loaded: loaded (/usr/lib/systemd/system/winbind.service;
>> disabled;
>> > >> vendor preset: disabled)
>> > >> Active: active (running) since lun 2016-09-19 16:39:35 UYT; 4min
>> 43s
>> > >> ago
>> > >> Main PID: 4752 (winbindd)
>> > >> Status: "winbindd: ready to serve connections..."
>> > >> CGroup: /system.slice/winbind.service
>> > >> ├─4752 /usr/sbin/winbindd
>> > >> └─4753 /usr/sbin/winbindd
>> > >>
>> > >> sep 19 16:39:35 prueba systemd[1]: Starting Samba Winbind Daemon...
>> > >> sep 19 16:39:35 prueba winbindd[4752]: [2016/09/19 16:39:35.538056,
>> 0]
>> > >> ../source3/winbindd/winbindd_cache.c:3235(initialize_winbindd_cache)
>>
>> > >> sep 19 16:39:35 prueba winbindd[4752]: initialize_winbindd_cache:
>> > >> clearing cache and re-creating with version number 2
>> > >> sep 19 16:39:35 prueba winbindd[4752]: [2016/09/19 16:39:35.542982,
>> 0]
>> > >> ../lib/util/become_daemon.c:124(daemon_ready)
>> > >> sep 19 16:39:35 prueba winbindd[4752]: STATUS=daemon 'winbindd'
>> > >> finished starting up and ready to serve connections
>> > >> sep 19 16:39:35 prueba systemd[1]: Started Samba Winbind Daemon.
>> > >>
>> > >> My progress is fine...
>> > >>
>> > >> wbinfo -a Administrador%Passw0rd
>> > >> plaintext password authentication failed
>> > >> Could not authenticate user Administrador%Passw0rd with plaintext
>> > password
>> > >> challenge/response password authentication succeeded
>> > >> [root at miem-radius-test raddb]# ntlm_auth --request-nt-key
>> --domain=TEST
>> > >> --username=Administrador --password=Passw0rd
>> > >> NT_STATUS_OK: Success (0x0)
>> > >>
>> > >> but radtest is not working...
>> > >>
>> > >> radtest -t mschap bob hello localhost 0 testing123
>> > >> -bash: radtest: command not found
>> > >>
>> > >> yum provides radtest
>> > >> Complementos cargados:ps
>> > >> miemrepo-base
>> > >> | 3.6 kB 00:00:00
>> > >> miemrepo-epel
>> > >> | 4.3 kB 00:00:00
>> > >> miemrepo-base/filelists_db
>> > >> | 6.2 MB 00:00:00
>> > >> miemrepo-epel/filelists_db
>> > >> | 7.1 MB 00:00:00
>> > >> freeradius-utils-3.0.4-6.el7.x86_64 : FreeRADIUS utilities
>> > >> Repositorio : testrepo-base
>> > >> Resultado obtenido desde:
>> > >> Nombre del archivo : /usr/bin/radtest
>> > >>
>> > >>
>> > >>
>> > >> On Mon, Sep 19, 2016 at 4:34 PM, Matthew Newton [via FreeRADIUS] <
>> > >> [hidden email]
>> <http:///user/SendEmail.jtp?type=node&node=5742645&i=3>> wrote:
>> > >>
>> > >>> On Mon, Sep 19, 2016 at 03:33:02PM -0300, Marcelo Martinez wrote:
>> > >>> > Any help please?
>> > >>>
>> > >>> As per my last e-mail...
>> > >>>
>> > >>> Is winbind running?
>> > >>>
>> > >>> Matthew
>> > >>>
>> > >>>
>> > >>> --
>> > >>> Matthew Newton, Ph.D. <[hidden email]
>> > >>> <http:///user/SendEmail.jtp?type=node&node=5742624&i=0>>
>> > >>>
>> > >>> Systems Specialist, Infrastructure Services,
>> > >>> I.T. Services, University of Leicester, Leicester LE1 7RH, United
>> > >>> Kingdom
>> > >>>
>> > >>> For IT help contact helpdesk extn. 2253, <[hidden email]
>> > >>> <http:///user/SendEmail.jtp?type=node&node=5742624&i=1>>
>> > >>> -
>> > >>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list
>> > >>> /users.html
>> > >>>
>> > >>> ------------------------------
>> > >>> If you reply to this email, your message will be added to the
>> > discussion
>> > >>> below:
>> > >>> http://freeradius.1045715.n5.nabble.com/freeradius-3-I-m-try
>> > >>> ing-to-integrate-freeradius-with-active-directory-in-cenos-
>> > >>> 7-tp5742598p5742624.html
>> > >>> To unsubscribe from FreeRADIUS, click here
>> > >>> <http://freeradius.1045715.n5.nabble.com/template/
>> > NamlServlet.jtp?macro=unsubscribe_by_code&node=2740692&code=
>> > bWFyY2Vsby5tYXJ0aW5lekBuZXhhLmNvbS51eXwyNzQwNjkyfC0xNzQ0NzUzNjYy>
>> > >>> .
>> > >>> NAML
>> > >>> <http://freeradius.1045715.n5.nabble.com/template/
>> > NamlServlet.jtp?macro=macro_viewer&id=instant_html%
>> > 21nabble%3Aemail.naml&base=nabble.naml.namespaces.
>> > BasicNamespace-nabble.view.web.template.NabbleNamespace-
>> > nabble.view.web.template.NodeNamespace&breadcrumbs=
>> > notify_subscribers%21nabble%3Aemail.naml-instant_emails%
>> > 21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>> > >>>
>> > >>
>> > >>
>> > >
>> > -
>> > List info/subscribe/unsubscribe? See http://www.freeradius.org/
>> > list/users.html
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list
>> /users.html
>>
>> ------------------------------
>> If you reply to this email, your message will be added to the discussion
>> below:
>> http://freeradius.1045715.n5.nabble.com/freeradius-3-I-m-try
>> ing-to-integrate-freeradius-with-active-directory-in-
>> cenos-7-tp5742598p5742645.html
>> To unsubscribe from FreeRADIUS, click here
>> <http://freeradius.1045715.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=2740692&code=bWFyY2Vsby5tYXJ0aW5lekBuZXhhLmNvbS51eXwyNzQwNjkyfC0xNzQ0NzUzNjYy>
>> .
>> NAML
>> <http://freeradius.1045715.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>>
>
>
More information about the Freeradius-Users
mailing list