I am using Microsoft 2003 Active Directory Server , the way wifi (MSCHAPv2) works is with ntlm_auth , which does the authentication. - your LDAP module isn't setting Auth-Type for some reason This is happening because of http://lists.freeradius.org/pipermail/freeradius-users/2008-May/027962.html and if I do the way its suggested , Auth Type get set to ldap_secondary. If this works, how this is going to solved because what I saw that it still doesn't do mschapv2.
The way it works with wifi or radtest is , Auth-Type is set to EAP (it refers to eap.conf ) , it goes to mschap modules(set up TLS channel and then under that) , from there its told to use external program ntlm_auth , which does the authentication and tells radius if its OK or not. What i was trying , is to get similar way working with captive portal as well. On Fri, Apr 19, 2013 at 7:29 PM, Matthew Newton <m...@leicester.ac.uk>wrote: > On Fri, Apr 19, 2013 at 06:15:09PM +0530, Chitrang Srivastava wrote: > > tried what Matthew suggest , in authorize section and it worked. Whole > > issue is captive portal is sending a non-EAP message with User-Password > set > > , in this case we have to set auth type as ldap. > > It's obvious from your debug output that > > - your LDAP module isn't setting Auth-Type for some reason > - your LDAP server isn't returning any sort of password (plain or > crypted) > > and therefore you probably need to try and do that horrible hack > of binding to the LDAP server to auth. Really, Alan is right - > LDAP is not an authentication server, even though lots of people > seem to think it is. > > Hence the suggestion to "fix" your problem by setting Auth-Type, > iff it has not already been set, when not doing EAP and > User-Password is supplied. > > The best solution is to fixup your LDAP server to return the > crypted password back to FreeRADIUS. Like already pointed out, if > it's AD, this isn't likely to happen. > > Matthew > > > -- > Matthew Newton, Ph.D. <m...@le.ac.uk> > > Systems Specialist, Infrastructure Services, > I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom > > For IT help contact helpdesk extn. 2253, <ith...@le.ac.uk> > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
