[root@curric4182-05 raddb]# [root@curric4182-05 raddb]# [root@curric4182-05 raddb]# /usr/bin/ntlm_auth --request-nt-key --username=e2052982 --domain=ADMIN4182 --challenge=6151ad29f27eff47 --nt-response=01e42eabc464bf9915883d804457069d4702d95534ce4d53 Logon failure (0xc000006d) [root@curric4182-05 raddb]# [root@curric4182-05 raddb]#
Not good. :-( .. but they do give me the domain option .. so it "should" be ok. ?
Try asking on the Samba lists. Also, check the event logs on the other domain - it might be that you don't have the relevant options enabled or permissions set to do inter-domain mschap (I don't know what, if any, options you need)
. . .
Sorry ... couple more idiot (newbie) questions ....
I am using PEAP with MSCHAPv2 .. and (I think) according to the how-tos .. I do NOT need ANY certificate(s) on the client PC... Is this correct ??.... or, if not
Correct
.. which certificate(s) are REQUIRED on the PC... ?? I am using tinyCA with the OID extra bits for the XP extensions. Is this an error in the following certficate stuff ??
ignore that
. . . IS the following significant ... ?? It seems to say it cannot create the password ??
modcall: entering group MS-CHAP for request 7 rlm_mschap: No User-Password configured. Cannot create LM-Password. rlm_mschap: No User-Password configured. Cannot create NT-Password. rlm_mschap: Told to do MS-CHAPv2 for e2052982 with NT-Password
ignore that, since you're using ntlm_auth it's irrelevant