[RADIATOR] eap peap + ntlm_auth
James
jtp at nc.rr.com
Thu Feb 17 13:20:54 CST 2011
Bump...and help would be greatly appreciated. :)
-james
On Wed, Feb 16, 2011 at 22:56, James <jtp at nc.rr.com> wrote:
> I'm attempting to get EAP MSCHAPv2 (EAP PEAP) to work with wireless so
> that our Cisco Wireless LAN Controllers can bounce user authentication
> off of Radiator.
>
> My understanding is that I should be using the
> goodies/ntlm_eap_peap.cfg configuration file to start building off of.
>
> This file indicates that there are a few moving parts that need to be
> put in place for this to work properly:
>
> (a) smb.conf file must be fleshed out
> (b) ntlm_auth must function for EAP PEAP to work
>
> Correct?
>
> I'm currently stuck at ntlm_auth not functioning at all. Take this
> output as an example:
>
> # ntlm_auth --username=testuser --domain=<domain> --password='blah'
> could not obtain winbind separator!
> Reading winbind reply failed! (0x01)
> : (0x0)
>
> A quick tcpdump shows that this command DOES NOT in any way generate
> any network traffic. Doh.
>
> I guess part of my confusion is whether or not I must "net join" my
> system to the domain. Is that a requirement?
>
> My smb.conf file look as follows:
>
> [global]
> # Replace 'OPEN' with the name of your Windows domain:
> workgroup = MYDOMAIN
> security = domain
> password server = *
>
> This is pretty much a one-line change from the smb.conf file found in
> the goodies directory.
>
> Any ideas on why this is failing?
>
> -james
More information about the radiator
mailing list