Dear All, Well, this is very embarrassing.... It seems that running 'smbcontrol all reload-config' isn't sufficient for reloading the ntlm config parameters. I tried restarting the whole samba service on the DC my FR box was authenticating against (systemctl restart sernet-samba-ad) and my test laptop is now connected to the network on the correct VLAN. I apologise for wasting everyone's time - now I'll get back to cleaning up all the config files and making sure BYOD still works etc. Thank you, Tim
On Tue, 2023-04-04 at 08:38 +0000, Tim ODriscoll wrote:> Dear All, > > Well, this is very embarrassing.... > > It seems that running 'smbcontrol all reload-config' isn't sufficient > for reloading the ntlm config parameters.I'm sorry to say that the Samba AD DC does not honour reload-config, it only reads the configuration at startup, and never again.> I tried restarting the whole samba service on the DC my FR box was > authenticating against (systemctl restart sernet-samba-ad) and my > test laptop is now connected to the network on the correct VLAN. > > I apologise for wasting everyone's time - now I'll get back to > cleaning up all the config files and making sure BYOD still works etcI'm glad to hear it all works now. Andrew Bartlett -- Andrew Bartlett (he/him) https://samba.org/~abartlet/ Samba Team Member (since 2001) https://samba.org Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba Samba Development and Support, Catalyst.Net Limited Catalyst.Net Ltd - a Catalyst IT group company - Expert Open Source Solutions
Matthias Kühne | Ellerhold Aktiengesellschaft
2023-Apr-06 07:44 UTC
[Samba] Fwd: ntlm_auth and freeradius
Hello Tim, Hello samba-people, is there an uptodate guide for authenticating via freeradius somewhere? I have some Ubiquiti APs plus a Cloud Key and I want to authenticate WLAN clients via WPA2-Enterprise instead of a (shared) PSK. It seems like https://wiki.samba.org/index.php/Authenticating_Freeradius_against_Active_Directory is missing some steps (basic setup of freeradius). Can you write up some of your findings please? Thanks and happy holidays, Matthias. Am 04.04.23 um 10:38 schrieb Tim ODriscoll via samba:> Dear All, > > Well, this is very embarrassing.... > > It seems that running 'smbcontrol all reload-config' isn't sufficient for reloading the ntlm config parameters. > > I tried restarting the whole samba service on the DC my FR box was authenticating against (systemctl restart sernet-samba-ad) and my test laptop is now connected to the network on the correct VLAN. > > I apologise for wasting everyone's time - now I'll get back to cleaning up all the config files and making sure BYOD still works etc. > > Thank you, > > Tim-- Senior Webentwickler Datenschutzbeauftragter Ellerhold Aktiengesellschaft Friedrich-List-Str. 4 01445 Radebeul Telefon: +49 (0) 351 83933-61 Web: www.ellerhold.de Facebook: www.facebook.com/ellerhold.gruppe Instagram: www.instagram.com/ellerhold.gruppe Twitter: https://twitter.com/EllerholdGruppe Amtsgericht Dresden / HRB 23769 Vorstand: Stephan Ellerhold, Maximilian Ellerhold Vorsitzender des Aufsichtsrates: Frank Ellerhold ---Diese E-Mail und Ihre Anlagen enthalten vertrauliche Mitteilungen. Sollten Sie nicht der beabsichtigte Adressat sein, so bitten wir Sie um Mitteilung und um sofortiges l?schen dieser E-Mail und der Anlagen. Unsere Hinweise zum Datenschutz finden Sie hier: http://www.ellerhold.de/datenschutz/ This e-mail and its attachments are privileged and confidential. If you are not the intended recipient, please notify us and immediately delete this e-mail and its attachments. You can find our privacy policy here: http://www.ellerhold.de/datenschutz/