Question about Computers & Internet

1 Answer

Using Radius to authenticate Samba clients

I was just thinking if it is possible to use Radius to authenticate Samba clients. I hope you can help me with this one. If not, what are the other authentication that I can use for Samba authentication for both Windows and Unix/FreeBSD clients?

Can you also give me the configurations? I would appreciate it so much!

Thanks in advance!!!

here's my mail: mawzinister@yahoo.com

Posted by on

1 Answer

  • Level 1:

    An expert who has achieved level 1.

    MVP:

    An expert that got 5 achievements.

    Governor:

    An expert whose answer got voted for 20 times.

    Hot-Shot:

    An expert who has answered 20 questions.

  • Contributor
  • 42 Answers

Try to get the Linux OS called "Fedora 8". It has all the Samba features. And Fedora 8 is a Linux Kernel ( Red Hat ) server Operating System, You can do many things with it. But you will internet to download more stuffs in fedora 8.

Posted on Mar 05, 2008

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi,
a 6ya expert can help you resolve that issue over the phone in a minute or two.
best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
the service is completely free and covers almost anything you can think of (from cars to computers, handyman, and even drones).
click here to download the app (for users in the US for now) and get all the help you need.
goodluck!

Posted on Jan 02, 2017

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

I had a dell netbook with windows 7 wifi enabled and used (with permission and passkey) my neighbors wifi. that computer is now gone. now i have a 200 ibm thinkpad with the linksys wireless-b notebook...


This is caused by setting the encryption to WPA-RADIUS instead of
WPA-PSK on the client radio. Both the router and the client are
trying to find a RADIUS server with which to authenticate your system.
Switch the encryption to WPA-PSK (pre-shared key) on both ends and it
will work.

Aug 06, 2011 | Linksys 2.4 GHz 802.11b Wireless - B...

1 Answer

How do I secure?


WIRELESS To configure the Router as a wireless access point for wireless clients (either stationary or roaming), all you need to do is define the radio channel, the Service Set identifier (SSID), and security options.ADVANCED SETUP 47 Channel and SSID You must specify a common radio channel and SSID (Service Set ID) to be used by the Router and all of your wireless clients. Be sure you configure all of your clients to the same values. SSID: The Service Set ID. This should be set to the same value as the other wireless devices in your network. SSID Broadcast: Broadcasting the SSID on the wireless network for easy connection with client PCs. For security reasons, you should disable SSID broadcast. (Default: Enable) Note: The SSID is case sensitive and can consist of up to 32 alphanumeric characters. Wireless Mode: Set the communication mode for the Router. Default: Mixed (11b+11g)Configuring the Wireless Barricade g Router 48 Transmission Rate: Set the rate of data transmitted from the Router. The lower the data rate, the longer the transmission distance. (Default: Fully Automatic.) Channel: The radio channel through which the Router communicates with PCs in its BSS. (Default: 6) Note: The available channel settings are limited by local regulations. g Nitro: In a crowded 2.4 MHz frequency, the connection speed is much lower than the promised 54 Mbps. The g Nitro implemented by Intersil's Prism Nitro technology dramatically enhances your wireless network speeds. It provides up to 50% more throughput in 11g only environment, and improves network throughput by 3 times in mixed mode.ADVANCED SETUP 49 Security If you are transmitting sensitive data across radio channels, you should enable wireless security. Configuring the Wireless Barricade g Router 50 WEP Wired Equivalent Privacy (WEP) encryption requires you to use the same set of encryption/decryption keys for the Router and all of your wireless clients. WEP mode: You can choose disabled, 64-bit or 128-bit encryption. Key Provisioning: Select a key type of static key or dynamic key. Static WEP Key Setting You may manually enter the keys or automatically generate encryption keys. To manually configure the keys, enter 10 digits for each 64-bit key, or enter 26 digits for the single 128-bit key. (A hexadecimal digit is a number or letter in the range 0-9 or A-F.) For automatic 64-bit security, check the box of Passphrase, enter a passphrase and click SAVE SETTINGS. ADVANCED SETUP 51 Four keys will be generated. Choose a key ID (1-4) from the drop-down list or accept the default key. If you use encryption, configure the same keys used for the Router on each of your wireless clients. Note that Wired Equivalent Privacy (WEP) protects data transmitted between wireless nodes, but does not protect any transmissions over your wired network or over the Internet. WPA Wi-Fi Protected Access (WPA) combines Temporal Key Integrity Protocol (TKIP) and 802.1x mechanisms. It provides dynamic key encryption and 802.1x authentication service. With TKIP, WPA uses 48-bit initialization vectors, calculates an 8-byte message integrity code, and generates an encryption key periodically. For authentication, it allows you to use 802.1x authentication for an environment with a RADIUS server installed on your network. Selecting the Pre-shared Key enables WPA to use the pre-shared key in a SOHO network.Configuring the Wireless Barricade g Router 52 Field Default Parameter Description Cypher suite TKIP One of the security mechanism used by WPA for frame body and CRC frame encryption Authentication 802.1X Select the authentication mode. • 802.1X: It is for an enterprise network with a RADIUS server installed. • Pre-shared Key: It is for a SOHO network without any authentication server installed. Pre-shared key type Passphrase (8~63 characters) Select the key type as in pass-phrase or in 64-Hex characters Pre-shared Key none Specify in pass-phrase style or in 64-Hex characters. Group Key Re_Keying Disable The period of renewing broadcast/ multicast keyADVANCED SETUP 53 802.1X Management access will be checked against the authentication database stored on the Router. If an authentication RADIUS server is used, you must specify the secret key of the Message-Authenticator attribute, i.e., Message Digest-5 (MD5), and the corresponding parameters in the RADIUS Server Parameters field for the remote authentication protocol.Configuring the Wireless Barricade g Router 54 • General Parameters • RADIUS Server Parameters Field Default Parameter Description Enable 802.1X Yes Starts using 802.1x security control. Session Idle Timeout 300 seconds Defines a maximum period of time for which the connection is maintained during inactivity. Re-Authentication Period 3600 seconds Defines a maximum period of time for which the RADIUS server will dynamically re-assign a session key to a connected client station. Quiet Period 60 seconds Defines a maximum period of time for which the Router will wait between failed authentications. Server Type RADIUS Selects the authentication server type. Field Defaults Description Server IP 192.168.1.1 The IP address of the RADIUS server. Server Port 1812 UDP port is used for RADIUS authentication messages. Secret Key none Defines a text string on both the RADIUS client and server to secure RADIUS traffic. The RADIUS server requires MD5 Message-Authenticator attribute for all access request messages. The 802.1x authentication scheme is supported by using the Extensible Authentication Protocol (EAP) over the RADIUS server. NAS-ID none Defines the request identifier of the Network Access Server
Source: http://www.smc.com/files/AK/2804WBRP-G_MN.pdf
Please leave feedback for this answer, thanks.

Mar 10, 2011 | SMC Barricade g SMC2804WBRP-G Wireless...

1 Answer

I have a intellinet model 503693 router. my i phone connects automaticly when i am near (20 meters outside) how do i get it to request a password? the neighbours are using my internet connection.


Hi,
First let me give you steps how you can make your router secure from unauthorised access which your neighbours are doing
You need to login to the router setup page after connecting the router with pc via a cable

Connect to the Wireless G Broadband Router by entering http://192.168.1.254in the address field of your Web browser. Once you’ve logged in, the browser will display the administrator menu on the left-hand side of the screen, with the five configuration options — Wireless (Settings)

Encryption — Select "None," "WEP," "WPA," WPA2" or "WPA2 Mixed."
• WEP: Wired Equivalent Protocol.
• WPA: WI-FI Protected Access (WPA) is an intermediate solution for security issues. It uses Temporal Key Integrity Protocol (TKIP) to replace WEP.
WPA Authentication Mode — "Enterprise" uses an external authentication server (e.g., RADIUS) and EAP just as IEEE 802.1X does; "Personal" uses pre-shared keys without the need for additional servers. Both options will generate a master session key for the authenticator (AP) and supplicant (client station).
WPA Cipher Suite/WPA2 Cipher Suite — Choose either TKIP or AES.
Pre-Shared Key Format — Select passphrase or hex characters. Pre-Shared Key — Enter up to 128 characters.
Authentication RADIUS Server — Enter a port, IP address and password.

You can also read the manual of your router from the link i am providing

Let me know if this will help
c41813f.jpg

Nov 27, 2009 | Intellinet Active Networking Intellinet...

2 Answers

When I attempt to log onto my network I receive this message. ''Windows was unable to find a certificate to log you onto the network (network name)'' This is followed by ''Validating Identity'' which when...


This is caused by setting the encryption to WPA-RADIUS instead of WPA-PSK on the client radio. Both the router and the client are
trying to find a RADIUS server with which to authenticate your system.Switch the encryption to WPA-PSK (pre-shared key) on both ends and it will work.

Oct 11, 2009 | Toshiba Satellite 2400-S251 Notebook

1 Answer

Windows was unable to find certificate to log on to the network


hi,
That's caused by improperly setting the encryption to WPA-RADIUS instead of WPA-PSK on the client. The router and the client are both trying to find a RADIUS server with which to authenticate. Since you
don't have one, it complains using Microsoft technobabble. Change the encryption to WPA-PSK (pre-shared key) on both ends.

Sep 19, 2009 | Linksys Wireless-G Broadband Router

2 Answers

CAN'T CONNECT TO WIRELESS ROUTER WITH LAPTOP.


Temporarily disable all security on the router AND your laptop wireless card and try again to test connectivity.

The exact error message should be:
"Windows was unable to find a certificate to log you
on to the network [SSID]"

This is caused by setting the encryption to WPA-RADIUS instead of WPA-PSK on the client radio. Both the router and the client are
trying to find a RADIUS server with which to authenticate your system.
Switch the encryption to WPA-PSK (pre-shared key) on both ends and it should30924e8.jpg work.

Also check to make sure that IEEE 802.1x authentication on the wireless network properties Authentication tab is disabled.

Jan 04, 2009 | Linksys WRT160N Wireless Router

2 Answers

Scan-to-smb fails on SAMBA share


Hello, I have the same problem wih a Bizhub 500 and samba on SLES 9

Jul 22, 2008 | Konica Minolta bizhub 250 All-In-One Laser...

1 Answer

How to configure samba server


Hi satveergaur

Follow these instruction to configure samba server

To configure Samba using a graphical interface, use the Samba Server Configuration Tool.

The Samba Server Configuration Tool is a graphical interface for managing Samba shares, users, and basic server settings. It modifies the configuration files in the /etc/samba/ directory. Any changes to these files not made using the application are preserved.

To use this application, you must be running the X Window System, have root privileges, and have the redhat-config-samba RPM package installed. To start the Samba Server Configuration Tool from the desktop, go to the Main Menu Button (on the Panel) => System Settings => Server Settings => Samba or type the command redhat-config-samba at a shell prompt (for example, in an XTerm or a GNOME terminal).



 Samba Server Configuration Tool



Note
The Samba Server Configuration Tool does not display shared printers or the default stanza that allows users to view their own home directories on the Samba server.

 Configuring Server Settings

The first step in configuring a Samba server is to configure the basic settings for the server and a few security options. After starting the application, select Preferences => Server Settings from the pulldown menu. The Basic tab is displayed as shown in Figure 24-2.



 Configuring Basic Server Settings

On the Basic tab, specify which workgroup the computer should be in as well as a brief description of the computer. They correspond to the workgroup and server string options in smb.conf.



 Configuring Security Server Settings

The Security tab contains the following options:


Authentication Mode — This corresponds to the security option. Select one of the following types of authentication.


ADS — The Samba server acts as a domain member in an Active Directory Domain (ADS) realm. For this option, Kerberos must be installed and configured on the server, and Samba must become a member of the ADS realm using the net utility, which is part of the samba-client package. Refer to the net man page for details. This option does not configure Samba to be an ADS Controller.

Domain — The Samba server relies on a Windows NT Primary or Backup Domain Controller to verify the user. The server passes the username and password to the Controller and waits for it to return. Specify the NetBIOS name of the Primary or Backup Domain Controller in the Authentication Server field.

The Encrypted Passwords option must be set to Yes if this is selected.

Server — The Samba server tries to verify the username and password combination by passing them to another Samba server. If it can not, the server tries to verify using the user authentication mode. Specify the NetBIOS name of the other Samba server in the Authentication Server field.

Share — Samba users do not have to enter a username and password combination on a per Samba server basis. They are not prompted for a username and password until they try to connect to a specific shared directory from a Samba server.

User — (Default) Samba users must provide a valid username and password on a per Samba server basis. Select this option if you want the Windows Username option to work. Refer to Section 24.2.1.2 Managing Samba Users for details.

Encrypt Passwords — This option must be enabled if the clients are connecting from a Windows 98, Windows NT 4.0 with Service Pack 3, or other more recent versions of Microsoft Windows. The passwords are transfered between the server and the client in an encrypted format instead of in as a plain-text word that can be intercepted. This corresponds to the encrypted passwords option. Refer to Section 24.2.3 Encrypted Passwords for more information about encrypted Samba passwords.

Guest Account — When users or guest users log into a Samba server, they must be mapped to a valid user on the server. Select one of the existing usernames on the system to be the guest Samba account. When guests logs in to the Samba server, they have the same privileges as this user. This corresponds to the guest account option.

After clicking OK, the changes are written to the configuration file and the daemon is restart; thus, the changes take effect immediately.

 Managing Samba Users

The Samba Server Configuration Tool requires that an existing user account be active on the system acting as the Samba server before a Samba user can be added. The Samba user is associated with the existing user account.


To add a Samba user, select Preferences => Samba Users from the pulldown menu, and click the Add User button. On the Create New Samba User window select a Unix Username from the list of existing users on the local system.

If the user has a different username on a Windows machine and will be logging into the Samba server from the Windows machine, specify that Windows username in the Windows Username field. The Authentication Mode on the Security tab of the Server Settings preferences must be set to User for this option to work.

Also configure a Samba Password for the Samba User and confirm the Samba Password by typing it again. Even if you select to use encrypted passwords for Samba, it is recommended that the Samba passwords for all users are different from their system passwords.

To edit an existing user, select the user from the list, and click Edit User. To delete an existing Samba user, select the user, and click the Delete User button. Deleting a Samba user does not delete the associated system user account.

The users are modified immediately after clicking the OK button.

Starting and Stopping the Server

On the server that is sharing directories via Samba, the smb service must be running.

View the status of the Samba daemon with the following command: /sbin/service smb status


Start the daemon with the following command: /sbin/service smb start


Stop the daemon with the following command: /sbin/service smb stop


To start the smb service at boot time, use the command: /sbin/chkconfig --level 345 smb on

Regards,
TheAssembler

Jun 06, 2008 | Computers & Internet

2 Answers

Connecting to network


[QUOTE]The exact error message should be:
"Windows was unable to find a certificate to log you
on to the network [SSID]"
Google shows 37 hits with this exact phrase.
This is caused by setting the encryption to WPA-RADIUS instead of
WPA-PSK on the client radio. Both the router and the client are
trying to find a RADIUS server with which to authenticate your system.
Switch the encryption to WPA-PSK (pre-shared key) on both ends and it
will work.[/quote]

Jan 16, 2008 | Linksys Wireless-G WRT54G Router

4 Answers

Cicso 1131ag Drops off


How are attached / verified by the LAN? Do you have a RADIUS server for the certificates?

Oct 27, 2006 | Cisco Aironet 1131AG 802.11a, 802.11g/b...

Not finding what you are looking for?
Computers & Internet Logo

Related Topics:

1,272 people viewed this question

Ask a Question

Usually answered in minutes!

Top Computers & Internet Experts

Brian Sullivan
Brian Sullivan

Level 3 Expert

27725 Answers

kakima

Level 3 Expert

100140 Answers

David Payne
David Payne

Level 3 Expert

14160 Answers

Are you a Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...