Hello Sinan, Did you join your PF server to your domain ? If yes, did you restart your radius services after the join? Did you configure the realms to forward the ntlm authentication to the correct ?
/usr/local/pf/bin/pfcmd service radiusd restart Thanks, Ludovic Zammit [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x145) :: www.inverse.ca <http://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) > On Sep 10, 2020, at 4:48 AM, Sinan Yosunkaya via PacketFence-users > <[email protected]> wrote: > > Hello brothers; > I was installed packetfence with "Installation Guide". I used "zen" image. > I was configured my hp procurve 2620 switch with "Network Devices > Configuration Guide". > Now when I connect my swicht ports and windows asked username and password. > I write my username password with domain (domain\user) ; packetfence audits > say "chrooted_mschap: Failed to read from child output" > when I write my username password without domain (onlyusername); > packetfence audits say "mschap: Program returned code (1) and output 'Reading > winbind reply failed! (0xc0000001)'" > I add detailed records below. > > Please! can someone guide me where i went wrong and what i can try? > > Try username with domain; > RADIUS Request > NAS-Port-Type = Ethernet > PacketFence-Radius-Ip = "192.168.120.2" > Called-Station-Id = "20:67:7c:85:f6:c0" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Realm = "default" > NAS-IP-Address = 192.168.120.6 > MS-CHAP-User-Name = "mydomain\\myuser" > Tunnel-Private-Group-Id:0 = "68" > User-Name = "mydomain\\myuser" > NAS-Identifier = "HP-2620-24" > EAP-Message = > 0x0208004a1a0208004531e8cce3c12867572f6c83592b4ce03de1000000000000000068dc994355a5b159fcb3b7c119c737d39404d87c2e6194d50067656b615c73796f73756e6b617961 > MS-CHAP2-Response = > 0x0865e8cce3c12867572f6c83592b4ce03de1000000000000000068dc994355a5b159fcb3b7c119c737d39404d87c2e6194d5 > Framed-MTU = 1480 > HP-Capability-Advert = 0x011a0000000b28 > HP-Capability-Advert = 0x011a0000000b2e > HP-Capability-Advert = 0x011a0000000b30 > HP-Capability-Advert = 0x011a0000000b3d > HP-Capability-Advert = 0x011a0000000b18 > HP-Capability-Advert = 0x011a0000000b19 > HP-Capability-Advert = 0x0138 > HP-Capability-Advert = 0x013a > HP-Capability-Advert = 0x0140 > HP-Capability-Advert = 0x0141 > HP-Capability-Advert = 0x0151 > PacketFence-Outer-User = "mydomain\\myuser" > MS-RAS-Vendor = 11 > Service-Type = Framed-User > State = 0xcc18b544cc10af2c364b7e9848efaff9 > FreeRADIUS-Proxied-To = 127.0.0.1 > Tunnel-Type:0 = VLAN > EAP-Type = MSCHAPv2 > NAS-Port-Id = "11" > Tunnel-Medium-Type:0 = IEEE-802 > PacketFence-NTLMv2-Only = "" > Calling-Station-Id = "1c:c1:de:98:50:8e" > MS-CHAP-Challenge = 0x948c8d81099e6283216af2f952c2aecc > PacketFence-KeyBalanced = "0b6194eeda6f27090f846bfc88357fac" > Framed-Protocol = PPP > PacketFence-Domain = "mydomain" > Event-Timestamp = "Sep 10 2020 11:31:56 +03" > NAS-Port = 11 > Stripped-User-Name = "myuser" > Module-Failure-Message = "chrooted_mschap: Failed to read from child output" > Module-Failure-Message = "chrooted_mschap: External script says: " > Module-Failure-Message = "chrooted_mschap: MS-CHAP2-Response is incorrect" > User-Password = "******" > SQL-User-Name = "mydomain\\\\myuser" > RADIUS Reply > MS-CHAP-Error = "\010E=691 R=0 C=1858f237e4a982211d083b77c540aeca V=3 > M=Authentication rejected" > EAP-Message = 0x04080004 > Message-Authenticator = 0x00000000000000000000000000000000 > > Try username without domain > RADIUS Request > NAS-Port-Type = Ethernet > PacketFence-Radius-Ip = "192.168.120.2" > Called-Station-Id = "20:67:7c:85:f6:c0" > Connect-Info = "CONNECT Ethernet 100Mbps Full duplex" > Realm = "null" > NAS-IP-Address = 192.168.120.6 > MS-CHAP-User-Name = "myuser" > Tunnel-Private-Group-Id:0 = "68" > User-Name = "myuser" > NAS-Identifier = "HP-2620-24" > EAP-Message = > 0x020800451a0208004031e70199ab83237b8b5615a8c54adfba53000000000000000026efd53fc094c1c0333eec0ab98c657fd233b40d32af71280073796f73756e6b617961 > MS-CHAP2-Response = > 0x0879e70199ab83237b8b5615a8c54adfba53000000000000000026efd53fc094c1c0333eec0ab98c657fd233b40d32af7128 > Framed-MTU = 1480 > HP-Capability-Advert = 0x011a0000000b28 > HP-Capability-Advert = 0x011a0000000b2e > HP-Capability-Advert = 0x011a0000000b30 > HP-Capability-Advert = 0x011a0000000b3d > HP-Capability-Advert = 0x011a0000000b18 > HP-Capability-Advert = 0x011a0000000b19 > HP-Capability-Advert = 0x0138 > HP-Capability-Advert = 0x013a > HP-Capability-Advert = 0x0140 > HP-Capability-Advert = 0x0141 > HP-Capability-Advert = 0x0151 > PacketFence-Outer-User = "myuser" > MS-RAS-Vendor = 11 > Service-Type = Framed-User > State = 0x75f20d6275fa17155a004a0010522e06 > FreeRADIUS-Proxied-To = 127.0.0.1 > Tunnel-Type:0 = VLAN > EAP-Type = MSCHAPv2 > NAS-Port-Id = "11" > Tunnel-Medium-Type:0 = IEEE-802 > PacketFence-NTLMv2-Only = "" > Calling-Station-Id = "1c:c1:de:98:50:8e" > MS-CHAP-Challenge = 0xdb537c393d70e8cede2dccc5cb8bbcb1 > PacketFence-KeyBalanced = "7a9b9fff43732738302cd341eb1a1bab" > Framed-Protocol = PPP > Event-Timestamp = "Sep 10 2020 11:13:12 +03" > NAS-Port = 11 > Stripped-User-Name = "myuser" > Module-Failure-Message = "mschap: Program returned code (1) and output > 'Reading winbind reply failed! (0xc0000001)'" > Module-Failure-Message = "mschap: Reading winbind reply failed! (0xc0000001)" > User-Password = "******" > SQL-User-Name = "myuser" > RADIUS Reply > MS-CHAP-Error = "\010E=691 R=0 C=58f40246af72174800e59e5101288336 V=3 > M=Authentication failed" > EAP-Message = 0x04080004 > Message-Authenticator = 0x00000000000000000000000000000000 > -- > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
