Hi Francois, Yes a manual ntlm_auth is working just fine. There isn't an mschap.rpmnew no, I do have an mschap.mbkp file in there though.
I also brought this up on the freeradius mailing list, and Alan Dekok mentioned the " DEFAULT EAP-Message !* "", Auth-Type := Accept" entry inside the raddb/users file, which will try to bypass all authentication. I presume this gets put there by packetfence because it is also there on my PF dev box, but I just wanted to clarify. Cheers, Andi -----Original Message----- From: Francois Gaudreault [mailto:[email protected]] Sent: 24 April 2012 13:06 To: [email protected] Subject: Re: [Packetfence-users] New install of v3.3, freeradius issues Hi Andi, > Was there any thoughts with this? I’ve performed the upgrade to 3.3.2 > and done the freeradius install and reinstall as mentioned in the > upgrade document, but this is still happening and I can’t fathom it. If you do a manual ntlm_auth on the machine, is it working? > [mschap] No Cleartext-Password configured. Cannot create LM-Password. > [mschap] No Cleartext-Password configured. Cannot create NT-Password. > [mschap] Creating challenge hash with username: sm18818 [mschap] Told > to do MS-CHAPv2 for sm18818 with NT-Password [mschap] FAILED: No > NT/LM-Password. Cannot perform authentication. > [mschap] FAILED: MS-CHAP2-Response is incorrect > Is it possible you have a mschap.rpmnew in /etc/raddb/modules? -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ________________________________ From 1st November 2011 UWIC changed its title to Cardiff Metropolitan University. From the 6th December 2011, as part of this change, all email addresses which included @uwic.ac.uk have changed to @cardiffmet.ac.uk. All emails sent from Cardiff Metropolitan University will now be sent from the new @cardiffmet.ac.uk address. Please could you ensure that all of your contact records and databases are updated to reflect this change. Further information can be found on the website here.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx> Ar Dachwedd y 1af 2011 newidiodd UWIC ei henw i Brifysgol Fetropolitan Caerdydd. O Ragfyr 6ed, fel rhan o'r newid yma, bydd pob cyfeiriad e-bost sy'n cynnwys @uwic.ac.uk yn newid i @cardiffmet.ac.uk. Bydd yr holl ebyst a ddanfonir o Brifysgol Fetropolitan Caerdydd yn cael eu danfon o‘r cyfeiriad @cardiffmet.ac.uk newydd. Gwnewch yn siwr eich bod yn diweddaru eich cofnodion cyswllt a'ch cronfeydd data i adlewyrchu hyn. Gellir cael rhagor o wybodaeth ar y wefan yma.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx> ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
