freeradius and AD auth with option require-membership-of
Stefan Paetow
Stefan.Paetow at ja.net
Thu Sep 11 01:18:05 CEST 2014
What's the complete command-line you have in the mschap module?
Also, is the ntlm_auth location you specified in the mschap module the same as the one you get when you type "which ntlm_auth" on the command-line?
Stefan
________________________________
From: freeradius-users-bounces+stefan.paetow=ja.net at lists.freeradius.org [freeradius-users-bounces+stefan.paetow=ja.net at lists.freeradius.org] on behalf of Попов Александр [pop5s at mail.ru]
Sent: 10 September 2014 18:18
To: freeradius-users
Subject: Re[2]: freeradius and AD auth with option require-membership-of
Ok.thanks.
But why is the console command (ntlm_auth --request-nt-key --domain=lenfi.ru --username=test2 --require-membership-of='s-1-5-21-241991751-2423211274-3836920987-1626') is executed without problems?
m>:
Попов Александр wrote:
> Ubuntu 14.04, freeradius 2.1.12+dfsg-1.1ubuntu0.1
Upgrade to 2.2.5.
> When I add in mschap this option in debug I see:
>
> Could not parse s-1-5-21-241991751-2423211274-3836920987-1626 into
> separate domain/name parts!
> *** Error in `/usr/bin/ntlm_auth': free(): invalid pointer:
> 0x00007f13562b9e9c ***
> Exec-Program output: ?▒t?▒r▒▒▒<???▒▒▒▒1▒?▒▒I?|$?H?▒??j▒▒▒▒▒r (0xc000000d)
> Exec-Program-Wait: plaintext: ?▒t?▒r▒▒▒<???▒▒▒▒1▒?▒▒I?|$?H?▒??j▒▒▒▒▒r
It looks like the ntlm_auth program is buggy. Fix that.
This isn't a FreeRADIUS issue.
Alan DeKok.
С уважением,
Попов Александр
pop5s at mail.ru
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
More information about the Freeradius-Users
mailing list