On Thu, 30 Sep 2004, Andrew Werbowy wrote: > Hi, > > Are there any MS-CHAP howtos out there?
No, but the same question is posted each day in the users list. Check doc/rlm_ldap on how to configure rlm_ldap to extract user passwords. > This is what I get and cannot pass this issue: > Any ideas? > > Nothing to do. Sleeping until we see a request. > rad_recv: Access-Request packet from host 1.155.6.61:32781, id=124, > length=139 > Service-Type = Framed-User > Framed-Protocol = PPP > User-Name = "tor_sysop_2" > MS-CHAP-Challenge = 0xf1034bfb797390bb8569b655dcbef6ad > MS-CHAP2-Response = > 0x010023393b00eac7d99e5e406009f7a3095100000000000000007bbd763aa997eedcf4175ab457d3740a0bc42cca7343f686 > NAS-IP-Address = 1.155.6.61 > NAS-Port = 0 > Processing the authorize section of radiusd.conf > modcall: entering group authorize for request 3 > modcall[authorize]: module "preprocess" returns ok for request 3 > modcall[authorize]: module "chap" returns noop for request 3 > rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = > MS-CHAP' > modcall[authorize]: module "mschap" returns ok for request 3 > rlm_realm: No '@' in User-Name = "tor_sysop_2", looking up realm > NULL > rlm_realm: No such realm "NULL" > modcall[authorize]: module "suffix" returns noop for request 3 > rlm_eap: No EAP-Message, not doing EAP > modcall[authorize]: module "eap" returns noop for request 3 > users: Matched DEFAULT at 164 > users: Matched DEFAULT at 167 > users: Matched DEFAULT at 186 > users: Matched DEFAULT at 198 > modcall[authorize]: module "files" returns ok for request 3 > rlm_ldap: - authorize > rlm_ldap: performing user authorization for tor_sysop_2 > radius_xlat: '(uid=tor_sysop_2)' > radius_xlat: 'o=cbcsrc' > rlm_ldap: ldap_get_conn: Checking Id: 0 > rlm_ldap: ldap_get_conn: Got Id: 0 > rlm_ldap: performing search in o=cbcsrc, with filter (uid=tor_sysop_2) > rlm_ldap: looking for check items in directory... > rlm_ldap: looking for reply items in directory... > rlm_ldap: user tor_sysop_2 authorized to use remote access > rlm_ldap: ldap_release_conn: Release Id: 0 > modcall[authorize]: module "ldap" returns ok for request 3 > modcall: group authorize returns ok for request 3 > rad_check_password: Found Auth-Type MS-CHAP > auth: type "MS-CHAP" > Processing the authenticate section of radiusd.conf > modcall: entering group Auth-Type for request 3 > rlm_mschap: No User-Password configured. Cannot create LM-Password. > rlm_mschap: No User-Password configured. Cannot create NT-Password. > rlm_mschap: Told to do MS-CHAPv2 for tor_sysop_2 with NT-Password > rlm_mschap: FAILED: No NT/LM-Password. Cannot perform > authentication. > rlm_mschap: FAILED: MS-CHAP2-Response is incorrect > modcall[authenticate]: module "mschap" returns reject for request 3 > modcall: group Auth-Type returns reject for request 3 > auth: Failed to validate the user. > Login incorrect: [tor_sysop_2/<no User-Password attribute>] (from > client bluesocket port 0) > > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html