[Samba] Samba + FreeRadius + Ubiquiti

Tyler Montney montneytyler at gmail.com
Tue Feb 23 20:34:09 UTC 2021

Someone from FreeRadius suggested I post over here, that Louis recently
went down a similar path and might be able to help.

I have a Unifi wireless controller that I want to offer RADIUS
authentication. The controller points to the latest version of FreeRadius.
Finally, this uses a Samba 4 instance, with integrated LDAP as my PDC. All
are running Ubuntu 18.04.

I started from scratch and followed this:
The following pass:

   - wbinfo -a <user>%<password>
   - ntlm_auth --request-nt-key --domain=TESTING --username=<user>
   - radtest <domain_accout> <password> localhost 0 testing123

The following fail:

   -   radtest -t mschap <user> <password> localhost 0 testing123

Running this gives me "bad username/password" on freeradius. I can see
something similar in the samba logs. My assumption is there's something up
with this line: ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--domain=TESTING --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}}

More information about the samba mailing list