[Samba] Samba and Freeradius...
Marco Gaiarin
gaio at sv.lnf.it
Wed Oct 10 09:34:29 UTC 2018
Mandi! Kacper Wirski via samba
In chel di` si favelave...
> Wiki entry was based on my mail to this list, sorry if I was not clear
Oh, don't bother... really i was ''puzzled' by the sentences:
Ensure the server is added to AD with net ads join
so i supposed we are referencing a domain member (a domain controller
is ''joined by default'' to the domain...).
A little note: you 'lock' the domain name in configuration; it is also
possible to leave the domain info, provinding a default if absent, so
you can auth multiple domains.
Clearly, you have to define the correspoding realms in proxy.conf.
eg (LNFFFVG is my domain):
winbind_username = "%{mschap:%{User-Name}:-None}"
winbind_domain = "%{mschap:%{NT-Domain}:-LNFFVG}"
ntlm_auth = "/usr/bin/ntlm_auth --allow-mschapv2 --helper-protocol=ntlm-change-password-1"
ntlm_auth_username = "username: %{mschap:User-Name}"
ntlm_auth_domain = "nt-domain: %{mschap:%{NT-Domain}:-LNFFVG}"
and in proxy.conf:
realm LNFFVG {
type = radius
authhost = LOCAL
accthost = LOCAL
}
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list