> Thanks for the catch on listing ntlm_auth in authorize. I followed the > deployingradius.com link. I'm still not getting it. I tried uncommenting > the ntlm_auth = line in the mschap file. I got the same result. >
> +- entering group authorize {...} > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > [suffix] No '@' in User-Name = "DOM002\MD90345", looking up realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > ++[unix] returns notfound > [files] users: Matched entry DEFAULT at line 174 > ++[files] returns ok > ++[expiration] returns noop > ++[logintime] returns noop > [ntlm_auth] expand: --username=%{mschap:User-Name} -> ntlm_auth is still listed in authorize (only lower down the order). Remove it from there. And what happened to eap? It should be before unix, files, etc. > including configuration file /etc/raddb/modules/mschap ... > Module: Instantiating mschap > mschap { > use_mppe = yes > require_encryption = yes > require_strong = yes > with_ntdomain_hack = yes > } You haven't enabled ntlm_auth in mschap module. You only have it as standalone exec script. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html