Hi Ivan: I did what you recommended but it didn´t work.
The output of my FreeRadius (radiusd -X) was : Ready to process requests. rad_recv: Access-Request packet from host 10.4.3.248:32768, id=97, length=65 User-Name = "copel\\charles" User-Password = "password" Service-Type = Authenticate-Only NAS-IP-Address = 200.195.147.120 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "copel\charles", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 modcall[authorize]: module "files" returns notfound for request 0 rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. modcall[authorize]: module "pap" returns noop for request 0 modcall: leaving group authorize (returns ok) for request 0 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 97 to 10.4.3.248 port 32768 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 97 with timestamp 46ee867a Nothing to do. Sleeping until we see a request. Any idea ? Best Regards, Charles. <[EMAIL PROTECTED]> Enviado Por: [EMAIL PROTECTED] 14/09/2007 16:48 Favor responder a FreeRadius users mailing list Para: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org> cc: cco: Charles Alcantara Borba/COPEL Assunto: Re: Configuring FreeRADIUS to use ntlm_auth Auth-Type System is coming from the DEFAULT entry towards the end of users file. Comment it out. Ivan Kalik Kalik Informatika ISP Dana 14/9/2007, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> pi?e: >Alan: > >> Now I am trying to "Configuring my FreeRadius to use ntlm_auth for >> MS-CHAP" to authenticate my NT users, ok ? > > The page does document that. >==> I am trying to following this document. > >> After that I configure the radiusd.conf file with the necessary changes >> (about ntlm_auth), I am trying to test the authenticate with a valid >> user of my NT Domain (by radtest) and the FreeRadius reject it. > > radtest doesn't do MS-CHAP. The page tries to make this clear. >==> Sorry ... but I hadn´t understood it (I thought that just radclient >doesn´t work). Now I know that radtest too ... > >> The output of my FreeRadius´s console: >.... >> rad_check_password: Found Auth-Type System > > You've done rather a lot more than just add "ntlm_auth" to the >"authenticate" section. This means that the config that previously >worked... now doesn't work. >==> I think this configuration is original (FreeRadius instalation´s). >Because, in the previous test this configuration was already there. And >the previous test works (Configuring FreeRADIUS to use ntlm_auth)! > > Go back to using the working configuration, and use a client that does >MS-CHAP. This usually means trying a real login, without using >"radtest" or "radclient". >==> I tried to use the working configuration with a real login, but the >behavior is the same, it appears the message that you mencioned: >"rad_check_password: Found Auth-Type System" > >Can you help me ? >Best Regards, >Charles. > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Esta mensagem e seus anexos foram verificados por software anti-vírus. Recomenda-se que no sejam abertos e/ou executados anexos de mensagens de conteúdo ou remetente duvidoso.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html