Ad Info Free Installer Exe

Add-ins.com has over 80 add-in products for Microsoft Excel. Many free products and trial versions. There are data, charting, time saving, and specialty add-ins that make Microsoft Excel easier to use. AD Info is available in two editions, free edition and standard edition. The free edition is completely free for personal and commercial use and is not time limited. Click the Buy button below to see pricing details for the standard edition. The differences between the two versions can be seen further down this page.

Use these steps to install it. Right-click the Start button and choose “ Settings ” “ Apps ” “ Manage optional features ” “ Add feature “. Select “ RSAT: Active Directory Domain Services and Lightweight Directory Tools “. Select “ Install “, then wait while Windows installs the feature. It should eventually appear. To install the Runtime Edition of ADF Desktop Integration: From the end user's system, navigate to the directory on the shared file server, or use the provided link. Run setup.exe from the path provided in Step 3. Follow the instructions that appear in the dialog boxes launched by setup.exe to successfully install the required components.

File InfoDescription
File Size:55 MB
File Modification Date/Time:2019:10:24 05:10:38+00:00
File Type:Win32 EXE
MIME Type:application/octet-stream
Machine Type:Intel 386 or later, and compatibles
Time Stamp:2019:06:25 22:35:04+00:00
PE Type:PE32
Linker Version:2.22
Code Size:1971712
Initialized Data Size:2925568
Uninitialized Data Size:7168
Entry Point:0x12a0
OS Version:4.0
Image Version:1.0
Subsystem Version:4.0
Subsystem:Windows GUI
File Version Number:9.2.2.2501
Product Version Number:9.2.2.2501
File Flags Mask:0x003f
File Flags:(none)
File OS:Win32
Object File Type:Dynamic link library
File Subtype:0
Language Code:English (U.S.)
Character Set:Unicode
Company Name:Autodesk, Inc.
File Description:
File Version:9.2.2.2501
Legal Copyright:Copyright 2019 Autodesk, Inc. All rights reserved.
Product Name:Autodesk Licensing
Product Version:9.2.2.2501

Portions of file data provided by Exiftool (Phil Harvey) distributed under the Perl Artistic License.

The definitive guide by Alan DeKok is at: http://deployingradius.com/documents/configuration/active_directory.html

Introduction

This document describes how to set up FreeRADIUS server in order to authenticate Windows XP network users transparently against Active Directory.

It is a step by step 'quick & dirty' guide to configure FreeRADIUS server, Network Access Points and Windows XP supplicants.

Principles

FreeRADIUS offers authentication via port based access control. A user can connect to the network only if its credentials have been validated by the authentication server. User credentials are verified by using special authentication protocols which belong to the 802.1X standard.

Refer to the graphic. Network access is only granted to the workstation if the user credentials have been authenticated by the FreeRADIUS server. Otherwise the switch port will be down for any network traffic.The RADIUS server is allowed to contact the domain controller for user authentication.Although the switch port is down, the workstation can communicate with the RADIUS server via an authentication protocol.The RADIUS server is able to check on the domain controller if the user exists and if its password is correct. If this is the case, the RADIUS server tells the switch to open the port and the user will get access to the network.

Prerequisites

The following components are required to install the access control solution:

  • A Linux/Unix server (only Linux is covered)
  • FreeRADIUS 3.0.x
  • Samba 3.0.x
  • Openssl
  • Cisco Catalyst Switch
  • Windows >= Win2K SP4 XP

Set up the Linux server

Linux must be configured to join a Windows domain.This is done by using the Samba file server which offers several interesting tools.The goal is not to create a Samba file server but only to use some tools which come with this server.

Samba server contains among others the following components:

  • Winbind, a daemon which permits connectivity to Windows –NT environment.
  • ntlm_auth, a tool which uses winbind for evaluating NTLM (NT Lan Manager) requests. This tool allows verifying user credentials on the domain controller and returns either a success or an error message.

Please have a look at your Linux box and check if Samba is already installed

Find the file smb.conf and open it with your preferred editor.

The file must contain the following lines:

In the [global] section

Verify the following lines in the [homes] section

Next, find the file krb5.conf.Normally it should be found in /etc/krb5.conf.

Edit this file with the following information: (Watch out for case sensitivity)

Edit the file /etc/nsswitch.conf and add winbind at the end of each line shown below

Restart the machine.

Verify if the Samba service is running by typing

Execute the following command line (you must be connected as root)

Administrator is the name of the domain controller admin. Enter your password when prompted. If everything works fine, the Linux server has been registered to the Windows domain.

Verify now if the winbindd daemon is running

Try next if you can authenticate a user from the domain

The output should be something like the following

The error is absolutely normal in this case because there are no cleartext user credentials on the domain Controller (Active Directory) for this user

As cleartext authentication fails, wbinfo tries a challenge/response.If a challenge/response succeeds, the Linux server is configured correctly to authenticate users against Active Directory, however despite of the success of this test, you may need to set some extra permissions on the winbindd_privileged directory (see the WARNING below)!

Let’s try to authenticate with NTLM, which is necessary for using FreeRADIUS with Active Directory.

Type the following line

For example

You will be prompted for your password.

The command line returns

If the username and password are the same as those stored in Active Directory.

Exe

Note that this mechanism is based on a challenge/response of the nt-key, a character string that has been encrypted with information taken from the username and password.

During this operation, no exchange of user information takes place. Everything is based upon a comparison of encrypted strings.

WARNING!!!

Exe

When called by radiusd (thus directly setting the challenge value) the ntlm_auth program needs permission to access winbindd's winbindd_privileged directory (somewhere under /var). Read access will usually be sufficient.

The radiusd.conf file sets the uid and gid your radiusd process will run as (by the user and group directives, respectively). The ntlm_auth process will have the same identity. If your filesystem containing the winbindd_privileged directory supports POSIX ACLs, you can safely grant ntlm_auth the necessary permissions, in case your distribution's default setting were insufficient. If radiusd runs as the user radiusd for example, then you should use setfacl the following way

Or something similar. See http://www.suse.de/~agruen/acl/linux-acls/online/ or man setfacl for more information on POSIX ACLs!

(Under Debian Wheezy (and possibly other systems too), this is located in /var/run/samba/winbindd_privileged. Because /var/run is a symlink to /run, you won't find it with grep)

Installation of FreeRADIUS

Download first the latest source of Openssl (0.9.7f was used for this HOWTO).

Extract the source files from tarball

Install openssl in /usr/local/openssl/

Download the latest version of FreeRADIUS from www.freeradius.org.

This document refers to version 3.0.0 of FreeRADIUS.

Install FreeRADIUS with the following option

In order to get FreeRADIUS working, the following files must be configured:

  • clients.conf
  • mods-available/mschap
  • mods-available/eap
  • users

Configuration of clients.conf

Please refer to the documentation contained within clients.conf to authorize additional NAS to connect to the server.

Your entry should look something like this example

The secret is a common password between the switch and RADIUS server. It is necessary to prevent the installation of wild access points. (Remember to set up the secret as well on your switch!)

Shortname is the IP address of your switch. (Watch out to use the correct one and not the IP address from this example!)

Nastype indicates the type of access point. In our case it is Cisco hardware.

If you have many NAS, it may be easier to specify a range and use the same shared secret for them all

mods-available/mschap

Open this file and set the following

with_ntdomain_hack is necessary to correct an error due to the challenge/response and the format in which the user information is sent.

The following line is the most important one. It allows using the Windows Domain Controller (Active Directory) for authentication.

Uncomment it and set the correct path to the ntlm_auth binary

You may also wish to add

When using machine authentication, you might want to try the following:

mods-available/eap

In this file we specify the authentication method used by FreeRADIUS. We chose the PEAP (Protected EAP) method because it allows to use MSCHAPv2, a challenge/response protocol to authenticate against an Active Directory Windows Domain.

Ad Info Free Installer Executor

Replace the line default_eap_type = md5 with default_eap_type = peap.

Proceed to section

Replace the line random_file = ${certdir}/random with random_file = /dev/urandom.

For this tutorial the rest of the settings are correct, as snakeoil certificates will have been created as part of the build process.

Configuration of users

The configuration of this file is not necesary to enable authentication against the Active Directory, it is only necessary for advanced usage of FreeRADIUS.

One of this advanced features, (among others) is the case when we want to have some local users which are available even when Active Directory is not.

Open your raddb/users file with your favorite editor and add one line per local user

and so on (Obviously, set your own local username and passwords).

Note the MS-CHAP-Use-NTLM-Auth := 0; in this line we are telling FreeRADIUS that username1 with password user-password1 will not be pre-processed by the ntlm_auth auxiliary program, i.e. it will not request the key to compare credentials against Active Directory, but instead, compare against the users file of the FreeRADIUS configuration directory.

It is important to verify that the line

Is uncommented in the authorize section of the sites-available/inner-tunnel.

Configuration of the supplicant

This chapter illustrates the configuration of a Windows XP supplicant. No additional installation is needed to do this.Unfortunately you cannot use this authentication method for Windows 2000 operating systems. Microsoft’s patch (Q313664_W2K_SP4_X86_EN.exe) makes it only available for wireless interface adapters.Perhaps third-party supplicant software may solve this issue, but I did not find any at the time of writing this tutorial.

First, for enhanced security install the FreeRADIUS server CA certificate (the CA that signed the cert you installed in eap.conf).

Open the network configuration panel select the network card and enter the properties.

Select the « Authentication » tab.

Activate « Enable IEEE 802.1X authentication for this network »For EAP type, chose « Protected EAP » from the list and then click the « Properties » button.

Certificate validation is strongly recommended for wireless configurations, and optional for wired deployments.

Select « Validate server certificate » and check ONLY the CA for your FreeRADIUS server (the one you installed above). Also select « Connect to these servers » and enter the Common Name of the server certificate.

If you are configuring a wired ethernet interface, you can leave certificate verification off in your supplicants: just deselect « Validate server certificate ».

Either way, select « EAP-MSCHAP v2 » as authentication method. Click the « Configure » button next.

Check if « Automatically use my Windows logon name and password (and domain if any) » is activated. Otherwise the user will be prompted to authenticate after Windows login.when using machine authentication, the following error might happen:

This is due to the fact that the FreeRadius server CA certificate was not 'imported' correctly. Follow the following steps to import the CA server certificate into the local computer account:

Ad Info Free Installer.exe

IX Self-signed certificatesTLS and PEAP require both server and client certificates. To generate the requested certificates, it is recommended to use the script « CA.all » that comes with FreeRADIUS.CA.all uses the configuration of the openssl.cnf file. It is possible to replace the certificates later by those obtained from a real certification authority.

Open the file openssl.cnf. It is located in /usr/local/openssl/ssl

Replace/add the following lines.Note that the config file contains the password < whatever >. It’s the certificate password.

Please replace the green items with the ones that correspond to your country and company

We are going to use this information 3 times when executing CA.all.

During the first pass, this information produces the root certificates.We can accept all default values while this pass.

Ad Info Free Installer Executive

The second pass produces the client certificates. We have to change the CommonName for the name ofthe client.

During the third pass, we have to change only the CommonName to the name of the server.

Ad Info Free Installer Exercises

Before executing the script, check the following line in the CA.all script

CA.all is located in the scripts subdirectory of FREERADIUS’ source directory. In case of doubt try the command.

When executing CA.all, we produce the 9 following certificates

The server needs the files root.pem and cert.srv.pem in order to work with PEAP.

Ad Info Free Installer Exercise

Move all the files to /etc/raddb/certs/. Do not forget the demoCA directory.

The original article was written by Charles Schwartz, Network Security Engineer.