dot1x with samba workstation accounts
Jens Weibler
jens.weibler at h-da.de
Thu Jun 17 17:37:32 CEST 2010
On 17.06.2010 16:56, Alan DeKok wrote:
> Jens Weibler wrote:
>
>> The question is: why isn't the check allowing workstations?
>>
>> if (((smb_ctrl->vp_integer & ACB_DISABLED) != 0) ||
>> (((smb_ctrl->vp_integer & ACB_NORMAL) == 0) && (smb_ctrl->vp_integer &
>> ACB_WSTRUST == 0))) {
>> RDEBUG2("SMB-Account-Ctrl says that the account is disabled, or is not a
>> normal account.");
>>
> Hmm... The workstation accounts work when using Active Directory.
> Others have gotten it to work with Samba. I'm not sure what's different
> about your setup.
>
Maybe the others don't have changed the ldap.attrmap:
- checkItem SMB-Account-CTRL-TEXT acctFlags
+checkItem SMB-Account-CTRL-TEXT sambaAcctFlags
Has someone a working samba-freeradius-ldap-workstationauthentication setup?
--
Jens Weibler
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6022 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100617/5c49a068/attachment.bin>
More information about the Freeradius-Users
mailing list