On Tue, Apr 24, 2012 at 09:24:42AM +0000, Morris, Andi wrote:
> My freeradius server seems to be falling back to local
> authentication rather than piping it out to our ADS server. If
> I create a local user on the radius box authentication is
> successful. Can anyone please help with this? All relevant
> info I can think of is below.
Initial guess - you've set MS-CHAP-Use-NTLM-Auth = Yes somewhere
(check for broken entries in your users file, etc), so mschap
isn't even trying to call ntlm_auth.
> [mschapv2] # Executing group from file
> /etc/raddb/sites-enabled/packetfence-tunnel
> [mschapv2] +- entering group MS-CHAP {...}
> [mschap] No Cleartext-Password configured. Cannot create LM-Password.
> [mschap] No Cleartext-Password configured. Cannot create NT-Password.
> [mschap] Creating challenge hash with username: sm18818
> [mschap] Told to do MS-CHAPv2 for sm18818 with NT-Password
> [mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
> [mschap] FAILED: MS-CHAP2-Response is incorrect
Matthew
--
Matthew Newton, Ph.D. <m...@le.ac.uk>
Systems Architect (UNIX and Networks), Network Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ith...@le.ac.uk>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
