Freeradius Active Directory Authentication using ntlm_auth
Shyju Kanaprath
shyjuk at live.com
Sun Nov 16 08:27:56 CET 2014
The permission for /var/run/samba/winbindd_privileged directorydrwxr-x--- 2 root winbindd_priv 40 Nov 15 12:56 winbindd_privileged/
Added the freerad user to the group usermod -a -G winbindd_priv freerad
Run the test with no success.
root at unifi-ubnt:/var/run/samba# radtest -t mschap shyju password 127.0.0.1 0 testing123Sending Access-Request of id 191 to 127.0.0.1 port 1812 User-Name = "shyju" NAS-IP-Address = 127.0.1.1 NAS-Port = 0 Message-Authenticator = 0x00000000000000000000000000000000 MS-CHAP-Challenge = 0x71dd9a1c10b9bc4b MS-CHAP-Response = 0x00010000000000000000000000000000000000000000000000007e6ad0937ad4b3dfbe0f98ff7e6ccdd11d8f68a6579583f0rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=191, length=38 MS-CHAP-Error = "\000E=691 R=1"
_______
Regards,
Shyju
> Date: Sat, 15 Nov 2014 09:41:43 -0500
> From: aland at deployingradius.com
> To: freeradius-users at lists.freeradius.org
> Subject: Re: Freeradius Active Directory Authentication using ntlm_auth
>
> Shyju Kanaprath wrote:
> ...
> > Exec-Program output: Reading winbind reply failed! (0xc0000001)
> > Exec-Program-Wait: plaintext: Reading winbind reply failed! (0xc0000001)
>
> The radius server probably doesn't have permission to run ntlm_auth.
>
> Run the ntlm_auth test as user radiusd (or whatever you set it to on
> your system). Then, fix permissions until it works.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20141116/5e91ed9e/attachment-0001.html>
More information about the Freeradius-Users
mailing list