Joe Vieira wrote:
Hello, Here is the run down on my set up. RHEL5 64bit - freeradius 1.1.6, samba 3.0.23c-2, using peap(ms-chapv2)/ ntlm_auth for authentication and ldap for authorization. so I have ntlm_auth configured and working correctly. everytime a specific user logs in, i see this directly after his login success.
Are you sure he's not trying to do anything nefarious?
80986-Tue Sep 18 17:10:37 2007 : Auth: Login OK: [students\\USER/<no User-Password attribute>] (from client UNKNOWN-CLIENT port 0) <- user auth line. 80987:Tue Sep 18 17:10:37 2007 : Auth: Login OK: [RUN\\\305\355\277\255/<no User-Password attribute>] (from client wism2 port 29 cli 00-1B-77-27-B2-48) <- freaky line
now, that looks like extended unicode to me in the username...obviously we don't have a user named that, or even a domain named 'RUN', moreover it doesn't seem like that "username" should even have been authorized thru the ldap rules....
So... run in debugging mode to see what's going on. Alan DeKok.