[PacketFence-users] I cannot authorize with domain

Sinan Yosunkaya via PacketFence-users Thu, 10 Sep 2020 02:04:24 -0700

Hello brothers;
I was installed packetfence with "Installation Guide". I used "zen" image.
I was configured my hp procurve 2620 switch with "Network Devices
Configuration Guide".
Now when I connect my swicht ports and windows asked username and password.
I write my username password with domain (domain\user) ; packetfence audits
say "chrooted_mschap: Failed to read from child output"
when I write my username password without domain (onlyusername);
packetfence audits say "mschap: Program returned code (1) and output
'Reading winbind reply failed! (0xc0000001)'"
I add detailed records below.


Please! can someone guide me where i went wrong and what i can try?

Try username with domain;

RADIUS Request
NAS-Port-Type = Ethernet
PacketFence-Radius-Ip = "192.168.120.2"
Called-Station-Id = "20:67:7c:85:f6:c0"
Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
Realm = "default"
NAS-IP-Address = 192.168.120.6
MS-CHAP-User-Name = "mydomain\\myuser"
Tunnel-Private-Group-Id:0 = "68"
User-Name = "mydomain\\myuser"
NAS-Identifier = "HP-2620-24"
EAP-Message =
0x0208004a1a0208004531e8cce3c12867572f6c83592b4ce03de1000000000000000068dc994355a5b159fcb3b7c119c737d39404d87c2e6194d50067656b615c73796f73756e6b617961
MS-CHAP2-Response =
0x0865e8cce3c12867572f6c83592b4ce03de1000000000000000068dc994355a5b159fcb3b7c119c737d39404d87c2e6194d5
Framed-MTU = 1480
HP-Capability-Advert = 0x011a0000000b28
HP-Capability-Advert = 0x011a0000000b2e
HP-Capability-Advert = 0x011a0000000b30
HP-Capability-Advert = 0x011a0000000b3d
HP-Capability-Advert = 0x011a0000000b18
HP-Capability-Advert = 0x011a0000000b19
HP-Capability-Advert = 0x0138
HP-Capability-Advert = 0x013a
HP-Capability-Advert = 0x0140
HP-Capability-Advert = 0x0141
HP-Capability-Advert = 0x0151
PacketFence-Outer-User = "mydomain\\myuser"
MS-RAS-Vendor = 11
Service-Type = Framed-User
State = 0xcc18b544cc10af2c364b7e9848efaff9
FreeRADIUS-Proxied-To = 127.0.0.1
Tunnel-Type:0 = VLAN
EAP-Type = MSCHAPv2
NAS-Port-Id = "11"
Tunnel-Medium-Type:0 = IEEE-802
PacketFence-NTLMv2-Only = ""
Calling-Station-Id = "1c:c1:de:98:50:8e"
MS-CHAP-Challenge = 0x948c8d81099e6283216af2f952c2aecc
PacketFence-KeyBalanced = "0b6194eeda6f27090f846bfc88357fac"
Framed-Protocol = PPP
PacketFence-Domain = "mydomain"
Event-Timestamp = "Sep 10 2020 11:31:56 +03"
NAS-Port = 11
Stripped-User-Name = "myuser"
Module-Failure-Message = "chrooted_mschap: Failed to read from child output"
Module-Failure-Message = "chrooted_mschap: External script says: "
Module-Failure-Message = "chrooted_mschap: MS-CHAP2-Response is incorrect"
User-Password = "******"
SQL-User-Name = "mydomain\\\\myuser"
RADIUS Reply
MS-CHAP-Error = "\010E=691 R=0 C=1858f237e4a982211d083b77c540aeca V=3
M=Authentication rejected"
EAP-Message = 0x04080004
Message-Authenticator = 0x00000000000000000000000000000000

Try username without domain

RADIUS Request
NAS-Port-Type = Ethernet
PacketFence-Radius-Ip = "192.168.120.2"
Called-Station-Id = "20:67:7c:85:f6:c0"
Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
Realm = "null"
NAS-IP-Address = 192.168.120.6
MS-CHAP-User-Name = "myuser"
Tunnel-Private-Group-Id:0 = "68"
User-Name = "myuser"
NAS-Identifier = "HP-2620-24"
EAP-Message =
0x020800451a0208004031e70199ab83237b8b5615a8c54adfba53000000000000000026efd53fc094c1c0333eec0ab98c657fd233b40d32af71280073796f73756e6b617961
MS-CHAP2-Response =
0x0879e70199ab83237b8b5615a8c54adfba53000000000000000026efd53fc094c1c0333eec0ab98c657fd233b40d32af7128
Framed-MTU = 1480
HP-Capability-Advert = 0x011a0000000b28
HP-Capability-Advert = 0x011a0000000b2e
HP-Capability-Advert = 0x011a0000000b30
HP-Capability-Advert = 0x011a0000000b3d
HP-Capability-Advert = 0x011a0000000b18
HP-Capability-Advert = 0x011a0000000b19
HP-Capability-Advert = 0x0138
HP-Capability-Advert = 0x013a
HP-Capability-Advert = 0x0140
HP-Capability-Advert = 0x0141
HP-Capability-Advert = 0x0151
PacketFence-Outer-User = "myuser"
MS-RAS-Vendor = 11
Service-Type = Framed-User
State = 0x75f20d6275fa17155a004a0010522e06
FreeRADIUS-Proxied-To = 127.0.0.1
Tunnel-Type:0 = VLAN
EAP-Type = MSCHAPv2
NAS-Port-Id = "11"
Tunnel-Medium-Type:0 = IEEE-802
PacketFence-NTLMv2-Only = ""
Calling-Station-Id = "1c:c1:de:98:50:8e"
MS-CHAP-Challenge = 0xdb537c393d70e8cede2dccc5cb8bbcb1
PacketFence-KeyBalanced = "7a9b9fff43732738302cd341eb1a1bab"
Framed-Protocol = PPP
Event-Timestamp = "Sep 10 2020 11:13:12 +03"
NAS-Port = 11
Stripped-User-Name = "myuser"
Module-Failure-Message = "mschap: Program returned code (1) and output
'Reading winbind reply failed! (0xc0000001)'"
Module-Failure-Message = "mschap: Reading winbind reply failed!
(0xc0000001)"
User-Password = "******"
SQL-User-Name = "myuser"
RADIUS Reply
MS-CHAP-Error = "\010E=691 R=0 C=58f40246af72174800e59e5101288336 V=3
M=Authentication failed"
EAP-Message = 0x04080004
Message-Authenticator = 0x00000000000000000000000000000000

--

_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] I cannot authorize with domain

Reply via email to