Logins against AD failing in *most* cases. Can see why, butdon't*understand* why.

[Meyers, Dan]

> > I am perfectly willing to accept that you may be right and this may
> be
> > my issue, I just don't understand how it has suddenly become a
> problem.
> 
> Are you using a Cisco Wireless LAN Controller (WLC)?  We had a similar
> issue with our Cisco 2112 WLC (EAP conversation stops on the
> NAS/supplicant side).  For what it's worth, our WLC was working fine
> for a while and then suddenly stopped.  A reboot fixed it one time,
but
> then it eventually failed again and a reboot didn't fix it.  It was
> resolved by changing a setting in the WLC (I'll get you the details if
> it's applicable).

We are indeed. Cisco Wireless Control System with 4 Cisco 4400 series
WLAN controllers, with about 300 connected Cisco APs spread across the 4
of them. I thought i'd got it just now, as I got it working reliably
from several different machines in our office with freeradius in debug
mode (but without changing anything, which I found very odd).

Just to check, I restarted samba, winbind and freeradius. Now all of a
sudden it's not working again. ntlm_auth is working and returning an nt
key but the Access-Challenge is not being responded to where 2 minutes
ago it was just fine.

It never occurred to me that the Cisco controllers could be our issue...
Though I have just checked with a colleague and he did try restarting
them after hours yesterday, and it didn't help matters. If you can find
out what setting you changed that would be ideal, but probably best to
email me directly as this is getting somewhat off-topic for the list.

--
Dan Meyers
Network Specialist, Lancaster University
E-Mail: d.meyers at lancaster.ac.uk