Are you sure that you have the CA certificate you're using with FreeRADIUS installed on the XP system you're using as a supplicant? This could be a symptom of XP not recognizing the signer of the certificate presented in the 802.1x conversation and refusing to continue authentication.
FYI, here, we're using the ntPassword attribute in LDAP *without* the 0x in front, and its working fine. The code will use it either way. --Mike On Thu, 2004-11-04 at 10:58, Daniel Davidson wrote: > It never gives one with this configuration, it just keeps repeating the > same request over and over again, never accepting or rejecting after the > Access-Challenge is sent back to the access point. > > Dan > > > On Thu, 2004-11-04 at 10:48, Alan DeKok wrote: > > Daniel Davidson <[EMAIL PROTECTED]> wrote: > > > while looking at the radiusd.conf file, I noticed that the ldap area > > > said something about that to use the sambaNTPassword field that it has > > > to start with a 0x. Does this mean that in LDAP that this value must be > > > stored as: > > > > > > sambaNTPassword: 0x01FC5A6BE7BC6929AAD3B435B51404EE > > > > I don't think that's necessary. The MS-CHAP module is the only one > > which interprets that string, and it is forgiving of the format. > > > > The larger issue is that the debug log you posted doesn't finish. > > i.e. It doesn't contain a reject OR a success. Get a debug log with > > an accept or reject, and it will then be possible to tell what's going > > on. > > > > Alan DeKok. > > > > > > - > > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- --Mike ----------------------------------- Michael Griego Wireless LAN Project Manager The University of Texas at Dallas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html