AW: AW: Problem with ntlm_auth

Frederik.Niedernolte at Bertelsmann.de Frederik.Niedernolte at Bertelsmann.de
Thu Oct 9 13:48:52 CEST 2008


OK, thanks.
Now it works.
Is this the way it should look right?

Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 32793, id=97, length=59
        User-Name = "MyUser"
        User-Password = "MyPassword"
        NAS-IP-Address = IP.ADDRESS.OF.SERVER
        NAS-Port = 0
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "MyUser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = ntlm_auth
+- entering group authenticate {...}
[ntlm_auth]     expand: --username=%{mschap:User-Name} -> --username=MyUser
[ntlm_auth]     expand: --password=%{User-Password} -> --password=MyPassword
Exec-Program output: NT_STATUS_OK: Success (0x0)
Exec-Program-Wait: plaintext: NT_STATUS_OK: Success (0x0)
Exec-Program: returned: 0
++[ntlm_auth] returns ok
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 97 to 127.0.0.1 port 32793
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 1 ID 97 with timestamp +16
Ready to process requests.

F. Niedernolte

-----Ursprüngliche Nachricht-----
Von: freeradius-users-bounces+frederik.niedernolte=bertelsmann.de at lists.freeradius.org [mailto:freeradius-users-bounces+frederik.niedernolte=bertelsmann.de at lists.freeradius.org] Im Auftrag von tnt at kalik.net
Gesendet: Donnerstag, 9. Oktober 2008 13:28
An: FreeRadius users mailing list
Betreff: Re: AW: Problem with ntlm_auth

>Every user that should be authenticated has to be an entry in the users file?
>
>Isn't it possible to add an forwarding for every user so that all requests are just forwarded and checked?
>
>If not I must add all users from the AD to the users file, mustn't I?
>

DEFAULT   Auth-Type := ntlm_auth

Ivan Kalik
Kalik Informatika ISP

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list