Re: [Samba] Radius auth problem after DC update
- Date: Fri, 19 Oct 2018 15:40:07 +0200
- From: Micha Ballmann via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Radius auth problem after DC update
on your DC set "ntlm auth = yes" for testing. I dont know when, but ntlm
auth is no more enabled by default! In the past i got the same issue
with my radius server.
for more, show here ("ntlm auth (G)"):
Am 19.10.2018 um 15:00 schrieb Jiří František via samba:
We were using two DC with 4.3.4 version of samba. Radius authentication
wont work after upgrade one of DC to version 4.6.7. Authentication is
working If winbind on radius server connects to DC with version 4.3.4.
I tried install new radius server following tutorial on
same result. Radius is working on DC with older version of samba.
I think that the problem will be somewhere in winbind on radius server.
If I want to test authentication with wbinfo I get following output:
wbinfo -a user%pass
plaintext password authentication failed
Could not authenticate user user%pass with plaintext password
challenge/response password authentication succeeded.
My smb.conf on radius server (samba 4.7.1, radiusd 3.0.13):
security = ADS
workgroup = DOMAIN
realm = DOMAIN.LAN
log file = /var/log/samba/%m.log
log level = 1
ntlm auth = mschapv2-and-ntlmv2-only
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config DOMAIN:backend = ad
idmap config DOMAIN:schema_mode = rfc2307
idmap config DOMAIN:range = 10000-999999
idmap config DOMAIN:unix_nss_info = no
template shell = /bin/bash
template homedir = /home/%U
Why I have problem with radius authentication of users with newer version
of samba on DC?
Any reply will be appreciate.
To unsubscribe from this list go to the following URL and read the