Freeradius with EAP/MSChap and Windows 2012

Alan DeKok aland at deployingradius.com
Tue Jan 21 19:19:51 CET 2014


Carsten Czerner wrote:
> I have some trouble with the implementation of a WLAN - PEAP
> Authentification with freeradius and ntlm-auth against a Windows2012
> Server.
> 
> I used the freeradius howto:
> 
> - The pc can authentificate against the domain:
> 
> root at rad1-wlan:/etc/freeradius/sites-enabled# /usr/bin/ntlm_auth
> --request-nt-key --domain=ADINT.DIR --username=peterpan --password=1234567
> NT_STATUS_OK: Success (0x0)

  That's good.

> Tue Jan 21 15:22:20 2014 : Debug: Exec-Program output: Reading winbind
> reply failed! (0xc0000001)
> Tue Jan 21 15:22:20 2014 : Debug: Exec-Program-Wait: plaintext: Reading
> winbind reply failed! (0xc0000001)

  ntlm_auth is returning a message that tells you what the problem is.

> Does anyone know why this happen?

  Usually because ntlm_auth doesn't have permission to talk to winbindd.
 Check the permissions.  Odds are when you run "radiusd -X" as *root*,
it will work.

  Alan DeKok.


More information about the Freeradius-Users mailing list