ntlm_auth - rlm_mschap: No User-Password configured. Cannot create NT-Password.

Phil Mayers p.mayers at imperial.ac.uk
Fri Jul 14 11:13:19 CEST 2006


> 
> [root at curric4182-05 raddb]#
> [root at curric4182-05 raddb]#
> [root at curric4182-05 raddb]# /usr/bin/ntlm_auth --request-nt-key 
> --username=e2052982 --domain=ADMIN4182 --challenge=6151ad29f27eff47 
>  --nt-response=01e42eabc464bf9915883d804457069d4702d95534ce4d53
> Logon failure (0xc000006d)
> [root at curric4182-05 raddb]#
> [root at curric4182-05 raddb]#
> 
> Not good. :-(  .. but they do give me the domain option .. so it 
> "should" be ok. ?

Try asking on the Samba lists. Also, check the event logs on the other 
domain - it might be that you don't have the relevant options enabled or 
permissions set to do inter-domain mschap (I don't know what, if any, 
options you need)

> 
> .
> .
> .
> 
> Sorry ... couple more idiot (newbie) questions  ....
> 
> I am using PEAP with MSCHAPv2 .. and (I think) according to the how-tos 
> .. I do NOT need
> ANY certificate(s) on the client PC... Is this correct ??.... or, if not 

Correct

> .. which certificate(s) are
> REQUIRED on the PC... ??  I am using tinyCA with the OID extra bits for 
> the XP extensions.
> Is this an error in the following certficate stuff ??
> 

ignore that

> .
> .
> .
> IS the following significant ... ?? It seems to say it cannot create the 
> password ??
> 
> modcall: entering group MS-CHAP for request 7
>  rlm_mschap: No User-Password configured.  Cannot create LM-Password.
>  rlm_mschap: No User-Password configured.  Cannot create NT-Password.
>  rlm_mschap: Told to do MS-CHAPv2 for e2052982 with NT-Password

ignore that, since you're using ntlm_auth it's irrelevant



More information about the Freeradius-Users mailing list