which samba version / patch for Active Directory 2008

Neil Prockter n.prockter at lse.ac.uk
Mon Sep 13 18:04:58 CEST 2010


If someone who has a working freeradius samba ntlm_auth AD 2008 setup
could let me know which version of samba they are using and which
patches it might help me a great deal.

I have a working configuration freeradius + samba 3.0.37 + Active
Directory 2003.

Our Active Directory servers are in the process of moving to 2008 and
the 3.0.37 does not return the correct/same keys when looking at a
upgraded AD server.  I have it pointed to our last AD 2003 server and it
work there.

I've setup samba 3.4.8 with the patch
https://bugzilla.samba.org/attachment.cgi?id=5894 (which needed a little
changing to match line number changes).

The session keys (if thats what they are) returned by running ntlm_auth
on the 2 setups are different (I've put a wrapper script around it so
that I can catch them being returned).  If I run ntlm_auth repeatedly
with the same challenge and nt-response the ones returned by the broken
setup seem to change every few minutes whereas the working one stays the

Thanks in advance,


Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/planningAndCorporatePolicy/legalandComplianceTeam/legal/disclaimer.htm

More information about the Freeradius-Users mailing list