Nope - no love! I'll capture a successful PEAP login when I manually enter the credentials, and the failed login when using the "windows" credentials.
Standby. Gary -----Original Message----- From: freeradius-users-bounces+ggatten=waddell....@lists.freeradius.org [mailto:freeradius-users-bounces+ggatten=waddell....@lists.freeradius.or g] On Behalf Of Alan Buxey Sent: Thursday, August 20, 2009 2:14 PM To: FreeRadius users mailing list Subject: Re: MS 8021.x PEAP failing Hi, > If in my PEAP conf I uncheck "Automatically use my Windows logon name > and password" and enter my username/password manually - I auth fine. > > I've been playing around with conf/module files trying to strip the > DOMAIN out of my login request - but no luck! this pretty muhc works out of the box... you just need to ensure that in your mschap module you have with_ntdomain_hack = yes and the ntlm_auth line needs to look like /usr/bin/ntlm_auth --request-nt-key --username=%{%{mschap:User-Name}:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00} (if using eg AD) this should happily deal with the 'windows logon' issue alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html <font size="1"> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'> </div> "This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system." </font> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html