Following on an earlier thread: http://lists.freeradius.org/pipermail/freeradius-users/2010-June/msg00116.html
Of which I couldn't get any answer unfortunately.. I am experiencing a similar problem. I am running freeradius that comes installed and configured with MacOS 10.6 server. A Windows XP can connect just fine using Microsoft Protected EAP. iPhone, mac os client connect just fine using EAP-TTLS Windows 7 will connect fine using Securew2 EAP-TTLS supplicant ; but not with the default build-in PEAP. I have modified module/mschap as followed, as per various instructions: # Microsoft CHAP authentication # # This module supports MS-CHAP and MS-CHAPv2 authentication. # It also enforces the SMB-Account-Ctrl attribute. # mschap { # # If you are using /etc/smbpasswd, see the 'passwd' # module for an example of how to use /etc/smbpasswd authtype = MS-CHAP # if use_mppe is not set to no mschap will # add MS-CHAP-MPPE-Keys for MS-CHAPv1 and # MS-MPPE-Recv-Key/MS-MPPE-Send-Key for MS-CHAPv2 # use_mppe = yes # if mppe is enabled require_encryption makes # encryption moderate # require_encryption = yes # require_strong always requires 128 bit key # encryption # require_strong = yes # Windows sends us a username in the form of # DOMAIN\user, but sends the challenge response # based on only the user portion. This hack # corrects for that incorrect behavior. # with_ntdomain_hack = yes # The module can perform authentication itself, OR # use a Windows Domain Controller. This configuration # the "best" user name for the request. # ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}" } In the log, when connecting using Windows XP I would see: Thu Aug 26 02:04:20 2010 : Info: rlm_sql_sqlite: sqlite3_open() = 0 Thu Aug 26 02:04:20 2010 : Info: rlm_sql_sqlite: Opening sqlite database /private/etc/raddb/sqlite_radius_client_database for #4 Thu Aug 26 02:04:20 2010 : Info: rlm_sql_sqlite: sqlite3_open() = 0 Thu Aug 26 02:04:20 2010 : Info: Ready to process requests. Thu Aug 26 02:07:43 2010 : Auth: rlm_opendirectory: User <jean-yves.avenard> is authorized. When connecting with Windows 7, I would read: Thu Aug 26 02:21:52 2010 : Auth: rlm_opendirectory: Could not get the user's uuid. Thu Aug 26 02:21:53 2010 : Error: rlm_mschap: getUserNodeRef(): dsGetRecordList() status = 0, recCount=0 Any hint about what I should be looking at? Mind new, I'm a complete noob when it comes to radius, I only started playing with it 2 days ago. Thank you for your help troubleshooting this matter. Regards Jean-Yves - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html