Hi, I have a problem with the authentication of active directory users on freeradius.

I correctly set up samba and kerberos and if I write:

# ntlm_auth --request-nt-key --domain=mydomain --username=myuser

if I insert the correct password I receive the authentication ok.


My problem is to configure the mschap module on freeradius. My mschap config is:

mschap {
        auth-type = MS-CHAP
        with_ntdomain_hack = yes
ntlm_auth ="/usr/bin/ntlm_auth --request-nt-key --domain=%{mschap:NT-Domain} --username=%{mschap:User-Name} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
}

If I insert in the users file "DEFAULT Auth-Type := MS-CHAP", in the log file I read this error:

rlm_mschap: No User-Password configured. Cannot create LM-Password.
rlm_mschap: No User-Password configured. Cannot create NM-Password.
rlm_mschap: No MS-CHAP-Challenge in the request


If I remove the DAFAULT user in the users file in the log I can't find a mschap authentication and the user is reject.


What is wrong?


Thanks a lot

Bye Antonio

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to