[ Mike Gabriel, 2022-01-19 ] > I am currently setting up a FreeRADIUS on TJENER (bullseye) and find that > the Debian Edu documentation (esp. the Debian Edu 11 release announcement) > states that PEAP-MSCHAPv2 is supported by the FreeRADIUS setup script. > > @Wolfgang: do you have a PEAP-MSCHAPv2 setup running? atm no (missing resources). at the time I added the script, things worked justfine, using the edu cert on my phone as well. > For testing purposes, I have set ntlm_auth = yes in smb.conf. that isn't the way to go, use the provided config: https://salsa.debian.org/debian-edu/debian-edu-config/-/blob/master/etc/samba/smb-debian-edu.conf > When using ntlm_auth to authenticate against smbd on TJENER I always get > NT_STATUS_NO_SUCH_USER: > > ``` > $ ntlm_auth --username=gabmik --domain=SGM > Password: > NT_STATUS_NO_SUCH_USER: The specified account does not exist. (0xc0000064) as of bullseye, PDC with 'domain' is gone, fake domain is tjener use 'smbclient -L tjener' (as user gabmik). > I understand that Samba user information for the standalone server is now > stored locally on TJENER (and password changes are managed via hook calls to > smbpasswd). > > Any idea how to track this down further? 'man pdbedit' is your friend, eg pdbedit -L -v -u gabmik Wolfgang
Attachment:
signature.asc
Description: PGP signature