I'm attempting to get EAP MSCHAPv2 (EAP PEAP) to work with wireless so that our Cisco Wireless LAN Controllers can bounce user authentication off of Radiator.
My understanding is that I should be using the goodies/ntlm_eap_peap.cfg configuration file to start building off of. This file indicates that there are a few moving parts that need to be put in place for this to work properly: (a) smb.conf file must be fleshed out (b) ntlm_auth must function for EAP PEAP to work Correct? I'm currently stuck at ntlm_auth not functioning at all. Take this output as an example: # ntlm_auth --username=testuser --domain=<domain> --password='blah' could not obtain winbind separator! Reading winbind reply failed! (0x01) : (0x0) A quick tcpdump shows that this command DOES NOT in any way generate any network traffic. Doh. I guess part of my confusion is whether or not I must "net join" my system to the domain. Is that a requirement? My smb.conf file look as follows: [global] # Replace 'OPEN' with the name of your Windows domain: workgroup = MYDOMAIN security = domain password server = * This is pretty much a one-line change from the smb.conf file found in the goodies directory. Any ideas on why this is failing? -james _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
