[Samba] problems after migrating NT domain to AD (samba 4.7.x)
Marco Gaiarin
gaio at sv.lnf.it
Mon Sep 30 07:51:14 UTC 2019
Mandi! Bartłomiej Solarz-Niesłuchowski via samba
In chel di` si favelave...
> smb.conf
> [global]
[...]
> ntlm auth = mschapv2-and-ntlmv2-only
Good. But this have to be atted to DCs (all DCs), not the DM that run
freeradius...
> winbind_username = "%{mschap:User-Name}"
> winbind_domain = WSISIZ.EDU.PL with no positive result )
I thinik don't bother, but i use:
winbind_username = "%{mschap:%{User-Name}:-None}"
winbind_domain = "%{mschap:%{NT-Domain}:-WSISIZ.EDU.PL}"
> Output from radiusd -X
You have enabled modules 'ntdomain' in 'default' and 'inner-tunnel'
virtualhosts?
Have you added a proxy to yourself in proxy.conf:
realm WSISIZ.EDU.PL {
type = radius
authhost = LOCAL
accthost = LOCAL
}
have you removed/commented out all realm apart LOCAL and above from
proxy.conf?
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list