Configuring FreeRADIUS to use ntlm_auth for MS-CHAP
Pedro Alves
pedrojmalves at gmail.com
Mon May 3 12:14:16 CEST 2010
I see that the file xpextensions is already in /raddb/certs dir and is
included when create certificates using bootstrap :
"openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr -key `grep
output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out server.crt -extensions
xpserver_ext -extfile xpextensions -config ./server.cnf || exit 1"
But Windows XP and Vista Supplicant can't authenticate, always have "Sending
Access-Challenge"
What is the best Samba version to communicate with Win2008 server Standard
R2 (Active Directory) ?
Cumprimentos
Pedro Alves
-----Original Message-----
From: freeradius-users-bounces+pedrojmalves=gmail.com at lists.freeradius.org
[mailto:freeradius-users-bounces+pedrojmalves=gmail.com at lists.freeradius.org
] On Behalf Of Alan DeKok
Sent: sexta-feira, 30 de Abril de 2010 8:58
To: FreeRadius users mailing list
Subject: Re: Configuring FreeRADIUS to use ntlm_auth for MS-CHAP
Pedro Alves wrote:
> Using JRadiusSimulator to test and receive "Sending Access-Accept" :)
>
> But when i use a client AP Cisco Aironet 1121, only users from "files" can
> connect, users on AD dont.
...
> Sending Access-Challenge of id 110 to 10.1.3.17 port 1645
> EAP-Message =
>
0x011c004a1900170301003faca645f76e5aff8c761515bd9d8c3213f7e06d164a58508ec372
> 6451efcaa894181735f73811912c526d93579a32e2887690f78fb267de6af44993815d126a
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0xac9d3931ab8120751e3f7dd68458a60f
> Finished request 149.
> Going to the next request
> Waking up in 4.7 seconds.
See the FAQ and the comments in eap.conf in recent versions of the server.
It may also be a Samba bug. See:
https://bugzilla.samba.org/show_bug.cgi?id=6563
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list