[RADIATOR] PEAP Issue
Heikki Vatiainen
hvn at open.com.au
Wed Feb 2 10:01:40 CST 2011
On 02/01/2011 07:11 PM, Adam Bishop wrote:
> OK, the issue is fixed in SAMBA 3.5.6.
Good to hear.
> It's a horrible, dirty fix, but to get 3.5.6 into 10.04 quickly:
>
> 0) Back up smb.conf
>
> 1) # aptitude purge samba winbind samba-common
>
> 2) add these 2 lines to /etc/apt/sources.lst
> deb http://gb.archive.ubuntu.com/ubuntu/ natty main restricted
> deb-src http://gb.archive.ubuntu.com/ubuntu/ natty main restricted
>
>
> 3) # aptitude update
>
> 4) # aptitude install samba winbind
Unless you need nmbd and smbd, you can install just samba-common and
winbind. Then you do not have to worry about nmbd and smbd listening for
incoming connections or broadcasting into your network.
This samba issue affects Debian 5.0 too, and I know one setup where the
server is up-to-date Debian 5.0 but samba-common and winbind are from
4.0. Radiator + ntlm_auth work happily and seem not to miss smbd or nmbd.
The nice thing about winbind is it does not listen to any sockets for
incoming connections and it or ntlm_auth do not need the other samba
daemons. Well, at least with Debian 4.0 that was the case. Hopefully
Samba and Debian/Ubuntu packages still support this.
> 5) replace smb.conf
>
> 6) reboot / restart smbd / nmbd / winbind
>
> 7) remove the two lines from /etc/apt/sources.lst
>
> After this, you will need to keep an eye on the ubuntu repository for
> security updates - as the packages have been pulled from a different
> repository they will not be updated automatically.
>
> If an update is required, add the two lines again and do:
> # aptitude update
> # aptitude install samba winbind
>
> When natty hits stable (some time in april?) I'll make a back port request
> for samba, so 3.5.6 might get included in the back ports repository.
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list