Dear All...<br><div class="gmail_quote">
I was following<br>
<a href="http://deployingradius.com/documents/configuration/active_directory.html" target="_blank">http://deployingradius.com/documents/configuration/active_directory.html</a><br>
<br>
I was installed freeradius-1.1.7 and samba version 3 on my slackware<br>
11 and also I was installed Windows Server 2003 for Active Directory.<br>
<br>
This is my smb.conf :<br>
[global]<br>
workgroup = RADIUS<br>
security = server<br>
password server = <a href="http://radius.satelite.net" target="_blank">radius.satelite.net</a><br>
<br>
In this case I'm not using kerberos and I was successfully running my<br>
samba and join with my domain.<br>
This is about status from my server when I joined<br>
<br>
root@jadul: net join -U administrator<br>
Password:<br>
Joined domain RADIUS.<br>
<br>
And I was successfully to use ntlm_auth helper to authenticate user<br>
from my Active Directory. This is the message from my server.<br>
<br>
root@jadul:/# ntlm_auth --request-nt-key --domain=<a href="http://radius.satelite.net" target="_blank">radius.satelite.net</a><br>
-- username=administrator<br>
password:<br>
NT_STATUS_OK: Success (0x0)<br>
<br>
and also I add in the module section on radiusd.conf<br>
exec ntlm_auth {<br>
wait = yes<br>
program = "/path/to/ntlm_auth ntlm_auth<br>
--request-nt-key --domain=MYDOMAIN --username=%{mschap:User-Name}<br>
--password=%{User-Password}"<br>
}<br>
<br>
and also I add in the users file<br>
DEFAULT Auth-Type = ntlm_auth<br>
<br>
There is no problem when I check with radiusd -X and after I running radiusd.<br>
I was check account from my Active Directory using<br>
radtest <user_AD> <pass_AD> localhost 1812 testing123<br>
<br>
And the result is..<br>
<br>
radtest ferdi ferdi localhost 1812 testing123<br>
Sending Access-Request of id 86 to 127.0.0.1 port 1812<br>
User-Name = "ferdi"<br>
User-Password = "ferdi"<br>
NAS-IP-Address = 255.255.255.255<br>
NAS-Port = 1812<br>
Re-sending Access-Request of id 86 to 127.0.0.1 port 1812<br>
User-Name = "ferdi"<br>
User-Password = "ferdi"<br>
NAS-IP-Address = 255.255.255.255<br>
NAS-Port = 1812<br>
rad_recv: Access-Reject packet from host <a href="http://127.0.0.1:1812" target="_blank">127.0.0.1:1812</a>, id=86, length=20<br>
<br>Why Reject..?<br><br>
Please help me..<br>
</div><br>