PAP with LDAP and PEAP/MSCHANPv2 with ntlm_auth
n.prockter at lse.ac.uk
Mon Jun 28 17:57:58 CEST 2010
On 25/06/10 22:23, Alan DeKok wrote:
> Neil Prockter wrote:
>> this is a config that works for PAP/LDAP but not PEAP/MSCHANPv2
> Change the version of Samba. From eap.conf:
> # If is still doesn't work, and you're using Samba,
> # you may be encountering a Samba bug. See:
> # https://bugzilla.samba.org/show_bug.cgi?id=6563
> # Note that we do not necessarily agree with their
> # explanation... but the fix does appear to work.
> Note that this problem *never* appears if the Cleartext-Password is
> available to FreeRADIUS. It *only* happens when Samba is being used.
> Try this for yourself. Configure a Cleartext-Password in the "users"
> file for a test user, and disable ntlm_auth. If PEAP/MSCHAPv2 works,
> then the problem is Samba, not FreeRADIUS.
I had started on 3.4.7 which I'd hoped was free of the issue. I tried
downgrading to samba-3.2.15 that didn't help then I tried samba-3.0.37
that did so I'll try sticking with that for a while.
Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/planningAndCorporatePolicy/legalandComplianceTeam/legal/disclaimer.htm
More information about the Freeradius-Users