I followed the tutorial
(http://deployingradius.com/documents/configuration/active_directory.html)
and seemed to have mschap working. I had configured freeradius to use
eap prior to setting up to work with AD, so not sure if anything I
already configured is conflicting.
Wanting to verify mschap was indeed working, I disabled the domain user
account, and verified I could no longer authenticate via freeradius. I
enabled the account again and can login from a LAN PC, but have not been
able to authenticate through wireless via freeradius. Wbinfo,
ntlm_auth, and radtest all work fine from the command line. and I have
added "DEFAULT Auth-Type = ntlm_auth " to the user file
Not sure how much to include from debug, but this seems to be the issue.
Have read up on other posts about this and have seen a variety of
reasons from a samba bug to running freeradius on 64bit.
Hoping it is just a config option I missed.
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Told to do MS-CHAPv2 for raymond with NT-Password
[mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
