Machine account authentication on Radius server

Posted by O.Shevchenko on Server Fault See other posts from Server Fault or by O.Shevchenko
Published on 2012-11-02T09:18:01Z Indexed on 2012/11/02 11:03 UTC
Read the original article Hit count: 253

Filed under:

linux

|

active-directory

|

radius

My workstation is under Linux. I have an Active Directory domain controller + Radius server on Windows 2008. I can verify user account 'radius-01' using 'radtest' tool:

    $ radtest -t pap radius-01 password123 195.234.133.32 1812 password123
    Sending Access-Request of id 98 to 195.234.73.2 port 1812
            User-Name = "radius-01"
            User-Password = "password123"
            NAS-IP-Address = 127.0.1.1
            NAS-Port = 1812
    rad_recv: Access-Accept packet from host 195.234.133.32 port 1812, id=98, length=84
            Framed-MTU = 1344
            Framed-Protocol = PPP
            Service-Type = Framed-User
            Class = 0x537004f00000013700010200ac1c0...

I have joined my Linux PC to Active Directory domain ARB-HRK using Samba:

    [root@shev-arb]# net ads testjoin
    Join is OK

I can dump machine password:

    [root@shev-arb]# tdbdump /var/lib/samba/private/secrets.tdb
    {
    key(34) = "SECRETS/MACHINE_PASSWORD/ARB-HRK"
    data(15) = "yGgXJsquRnpT0g\00"
    }

How can i authenticate my machine account on Radius server?

Do anybody know any tools for this, like:

    radtest   shev-arb$ yGgXJsquRnpT0g 195.234.133.32 1812 password123

(this command fails)

© Server Fault or respective owner

Related posts about linux

apt-get install and update fail

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I've got a problem with apt-get update and apt-get install ... commands . every time update or installing fails and errors are : Get:1 http://dl.google.com stable Release.gpg [198B] Ign http://dl.google.com/linux/chrome/deb/ stable/main Translation-en_US Get:2 http://dl… >>> More
kernel module compiling error

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
sh@ubuntu:/home/ccpp/helloworld$ make gcc-4.6 -O2 -DMODULE -D_KERNEL_ -W -Wall -Wstrict-prototypes -Wmissing-prototypes -isystem /lib/modules/`uname -r`/build/include -c -o hello-1.o hello-1.c hello-1.c:4:0: warning: "MODULE" redefined [enabled by default] <command-line>:0:0: note: this is… >>> More
Build-Essentials installation failing

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I am having trouble accessing the several critical header files that show to be a part of the build process. The "Ubuntu Software Center" shows "Build Essentials" as installed: Next I did the following two commands, which did not improve the problem: ~$ sudo apt-get install build-essential [sudo]… >>> More
Updating Debian kernel

as seen on Super User - Search for 'Super User'
I'm trying to update my Debian machine to 2.6.32-46 (which is the new stable). However, after doing apt-get update my apt-cache search linux-image shows me: linux-headers-2.6.32-5-486 - Header files for Linux 2.6.32-5-486 linux-headers-2.6.32-5-686-bigmem - Header files for Linux 2.6.32-5-686-bigmem linux-headers-2… >>> More
Serial connection over a single USB cable (Windows to linux, or linux to linux)

as seen on Server Fault - Search for 'Server Fault'
I'm helping out with a project for an embedded device that only has USB and no serial. This device is running Linux. These days, when we need to connect to a serial port on a device we typically use a USB to serial adapter (on something like a phone system or a load balancing device, etc). I would… >>> More

Related posts about active-directory

Can't join OS X Mavericks to AD Domain

as seen on Server Fault - Search for 'Server Fault'
I'm attempting to join an OS X Mavericks (10.9) client to a Windows Server 2008 Active Directory domain, however the bind fails with this error in the OS X client's system.log: Oct 24 15:03:15 host.domain.com com.apple.preferences.users.remoteservice[5547]: -[ODCAddServerSheetController handleOtherActionError:… >>> More
Retrieve user details from Active Directory using SID

as seen on Server Fault - Search for 'Server Fault'
Hi, How can I find a user in my AD when I have his/her SID. I don't want to rely on other attributes, since I am trying to detect changes to these. Example: I get a message about a change to user record containing: Message: User Account Changed: Target Account Name: test12 Target… >>> More
Retrieve user details from Active Directory using GUID

as seen on Server Fault - Search for 'Server Fault'
Hi, How can I find a user in my AD when I have his/her GUID. I don't want to rely on other attributes, since I am trying to detect changes to these. >>> More
Retrieve user details from Active Directory using GUID [closed]

as seen on Super User - Search for 'Super User'
Hi, How can I find a user in my AD when I have his/her GUID. I don't want to rely on other attributes, since I am trying to detect changes to these. >>> More
Office365 DirSync Active Directory Integration

as seen on Server Fault - Search for 'Server Fault'
I am preparing to deploy Office365 for my organization. We have an on premise Active Directory Domain Controller (Windows Server 2012 R2). We would like to leverage our Active Directory for: automatic user provisioning in Office365, and password synchronization, using the DirSync tool. Our Active… >>> More