On Wednesday 30 March 2011 15:52:31 Phil Mayers wrote: > First, there's no need to email me directly; I read the list. I totally agree with you I just missed to exchange the recipient address (and after noticing that i also sent it to the list)... sorry! > You *only* set: > with_ntdomain_hack = yes > ...in modules/mschap. > DO NOT set it anywhere else - this basically does exactly the same thing > you were doing earlier (rewriting the *real* username) and causes EAP to > break. Sorry but that didn't help either. I did -- like you suggested -- set 'with_ntdomain_hack' back to 'no' everywhere except for modules/mschap but I still get that '[...] not the same as [...]' error message.
[mschapv2] # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel [mschapv2] +- entering group MS-CHAP {...} [mschap] No Cleartext-Password configured. Cannot create LM-Password. [mschap] Found NT-Password [mschap] ERROR: User-Name (winmac\tom1) is not the same as MS-CHAP Name (tom1) from EAP-MSCHAPv2 ++[mschap] returns reject Again a full log is appended. My modules/mschap currently looks like this (i suppose that the above problems might arise from it): mschap { use_mppe = yes require_encryption = yes require_strong = yes with_ntdomain_hack = yes } Regards Tom - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html