Hello, my freeradius(v1.0.2) is now running with ntlm_auth and it works a little bit. I think logs are better than my explanations so (this is a part of freeradius logs):
rlm_mschap: No User-Password configured. Cannot create LM-Password. rlm_mschap: No User-Password configured. Cannot create NT-Password. rlm_mschap: Told to do MS-CHAPv2 for radius with NT-Password radius_xlat: '/usr/bin/ntlm_auth --request-nt-key --username=radius' Exec-Program: /usr/bin/ntlm_auth --request-nt-key --username=radius password: At this moment, I've already entered my user name and my password with the client but the server waits here if I don't enter the password a second time. After entering the password, I have this : Exec-Program output: NT_STATUS_OK: Success (0x0) Exec-Program-Wait: plaintext: NT_STATUS_OK: Success (0x0) Exec-Program: returned: 0 rlm_mschap: Invalid output from ntlm_auth: expecting NT_KEY rlm_mschap: FAILED: MS-CHAP2-Response is incorrect modcall[authenticate]: module "mschap" returns reject for request 15 modcall: group Auth-Type returns reject for request 15 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns reject for request 15 modcall: group authenticate returns reject for request 15 auth: Failed to validate the user. Login incorrect: [radius/<no User-Password attribute>] (from client localhost port 0) PEAP: Tunneled authentication was rejected. rlm_eap_peap: FAILURE modcall[authenticate]: module "eap" returns handled for request 15 modcall: group authenticate returns handled for request 15 To conclude, I don't really understand why it doesn't work so if you have an idea please tell it to me. Thank you, Sylvain Clerc. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
