AW: Problem with ntlm_auth

Thu, 09 Oct 2008 04:00:59 -0700 

OK, I have tested it with "radtest MyUser MyPassword localhost 0 testing123" 
and this is what the server gave back:

 

Ready to process requests.

rad_recv: Access-Request packet from host 127.0.0.1 port 32793, id=92, length=58

        User-Name = "MyUser"

        User-Password = "MyPassword"

        NAS-IP-Address = IP.OF.THE.SERVER

        NAS-Port = 0

+- entering group authorize {...}

++[preprocess] returns ok

++[chap] returns noop

++[mschap] returns noop

[suffix] No '@' in User-Name = "MyUser", looking up realm NULL

[suffix] No such realm "NULL"

++[suffix] returns noop

[eap] No EAP-Message, not doing EAP

++[eap] returns noop

++[unix] returns notfound

++[files] returns noop

++[expiration] returns noop

++[logintime] returns noop

[pap] WARNING! No "known good" password found for the user.  Authentication may 
fail because of this.

++[pap] returns noop

No authenticate method (Auth-Type) configuration found for the request: 
Rejecting the user

Failed to authenticate the user.

Using Post-Auth-Type Reject

+- entering group REJECT {...}

[attr_filter.access_reject]     expand: %{User-Name} -> MyUser

 attr_filter: Matched entry DEFAULT at line 11

++[attr_filter.access_reject] returns updated

Delaying reject of request 0 for 1 seconds

Going to the next request

Waking up in 0.9 seconds.

Sending delayed reject for request 0

Sending Access-Reject of id 92 to 127.0.0.1 port 32793

Waking up in 4.9 seconds.

Cleaning up request 0 ID 92 with timestamp +3710

Ready to process requests.

 

Now what should I do?
Thanks in advance.

 

Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Syed Anwarul 
Hasan
Gesendet: Donnerstag, 9. Oktober 2008 12:12
An: FreeRadius users mailing list
Betreff: Re: Problem with ntlm_auth

 

Hi,
You can use radtest tool to check with the Server.The Server will return 
accept-accept message.
Other tool includes JRadius Simulator as IVAN told. bu I have not used it.
Otherwise If you have a Native PEAP or TTLS client, you can sent MSCHAP 
requests to use ntlm_auth with Active DIRECTORY or LDAP server backend.(if you 
have)

SYED



On Thu, Oct 9, 2008 at 11:54 AM, <[EMAIL PROTECTED]> wrote:

Thanks, now it works :)

 

Now the last step: How can I test it? What tool/program etc. can/should I use 
to test it?

"The radclient cannot currently be used to send this request, unfortunately, 
which makes testing a little difficult If everything goes well, you should see 
the server returning an Access-Accept 
<http://freeradius.org/rfc/rfc2865.html#Access-Accept>  message as above."

 

Mit freundlichen Grüßen / Kind regards

Frederik Niedernolte
-------------------------------------------------------
arvato services
An der Autobahn
33310 Gütersloh
Germany
http://www.arvato-services.de
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
Tel.:      +49 (0)5241 80-40554

arvato services GmbH: Sitz Gütersloh | Amtsgericht Gütersloh HRB 3826 | 
Geschäftsführer Ralf Bierfischer, Bodo Krönfeld, Markus Schmedtmann, Eckhard 
Südmersen

 

Von: [EMAIL PROTECTED] [mailto:freeradius-users-bounces+frederik.niedernolte 
<mailto:freeradius-users-bounces%2Bfrederik.niedernolte> [EMAIL PROTECTED] Im 
Auftrag von Syed Anwarul Hasan
Gesendet: Donnerstag, 9. Oktober 2008 11:44
An: FreeRadius users mailing list
Betreff: Re: Problem with ntlm_auth

 

Hi Frederik,

1) Put User entry on TOP of users file.
2) In default file, in authenticate section, add ntlm_auth. Don't set using 
Auth-Type.
3) Also in Sites-enabled/inner-tunnel which is Virtual Server Inner Tunnel. Add 
ntlm_auth in Authenticate Section.

I hope it will solve your problem.
SYED



On Thu, Oct 9, 2008 at 11:17 AM, <[EMAIL PROTECTED]> wrote:

I have finished all steps till "user     Auth-Type := ntlm_auth" from 
http://deployingradius.com/documents/configuration/active_directory.html.

With this command I get this error message at the end of "/usr/sbin/freeradius 
-X":

 

/etc/freeradius/users[1]: Parse error (check) for entry MyUser: Unknown value 
ntlm_auth for attribute Auth-Type

Errors reading /etc/freeradius/users

/etc/freeradius/modules/files[7]: Instantiation failed for module "files"

/etc/freeradius/sites-enabled/inner-tunnel[111]: Failed to find module "files".

/etc/freeradius/sites-enabled/inner-tunnel[34]: Errors parsing authorize 
section.

 }

}

Errors initializing modules

 

The authenticate section in the /etc/freeradius/sites-enabled/default looks 
like this (only important part):

 

authenticate {

#

#  NTML_AUTH authentication.

Auth-Type ntlm_auth {

       ntlm_auth

}

 

What is wrong and what can I do to solve the problem?

Thanks in advance.

Best regards, F. Niedernolte


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

 


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

 


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to