[Samba] Samba 4 and freeradius

Kinglok, Fong busywater at gmail.com
Tue Feb 26 23:53:25 MST 2013


On 27 Feb, 2013, at 2:26 PM, Andrew Bartlett <abartlet at samba.org> wrote:

> On Wed, 2013-02-27 at 12:17 +0800, Kinglok, Fong wrote:
>> In fact, I have tried using NTLM already.
>> 
>> I have successfully setup winbind bundled with Samba 4, including the steps to join Samba 4 as member server and start up winbindd as daemon.
>> 
>> However, I encounter two difficulties with using NTLM to authenticate freeradius to Samba 4.
>> - I have to run freeradius as root in order to read output from winbindd.  Even I change the permission / ownership of /usr/local/samba/var/run/winbindd to freerad.  It still cannot work!
> 
> You need to change the winbind_privileged directory, not the winbindd
> directory.  The group ownership of this directory should be a group that
> servers doing NTLM authentication (such as squid, apache, pptpd and
> freeradius) are in. 
> 
> Andrew Bartlett
> 
> -- 
> Andrew Bartlett                                http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
> 
> 

Finally, I got it
/usr/local/samba/var/lib/winbindd_privileged

not
/usr/local/samba/var/lib/winbind_privileged

Thanks.

Kinglok, Fong


More information about the samba mailing list