MSChap via ntlm_auth problem
Anton Brinyov
anton.brinyov at gmail.com
Mon Aug 17 15:02:14 CEST 2009
Hi!
I tried to use aythentication via Active Directory domain.
FreeRadius 2.1.6 return error:
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Told to do MS-CHAPv2 for BAS with NT-Password
[mschap] WARNING: Deprecated conditional expansion ":-". See "man unlang"
for details
[mschap] WARNING: Deprecated conditional expansion ":-". See "man unlang"
for details
[mschap] expand: --username=%{Stripped-User-Name:-%{User-Name:-None}} ->
--username=BAS
[mschap] mschap2: bb
[mschap] expand: --challenge=%{mschap:Challenge:-00} ->
--challenge=256c4a167da6dfb6
[mschap] expand: --nt-response=%{mschap:NT-Response:-00} ->
--nt-response=d57ebadb8c21cc5b95dfc9022b621678897e529734e979ba
Exec-Program output:
Exec-Program: Abnormal child exit: Invalid argument
[mschap] External script failed.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
Failed to authenticate the user.
If I call ntlm_auth from shell I get right answer.
It was tested with samba-3.0.35 and samba 3.3.4.
My radiusd.conf, modules/mschap and dump of radiusd output in attachments.
Thanks,
Anton.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090817/04d4bacb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mschap
Type: application/octet-stream
Size: 2356 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090817/04d4bacb/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: radiusd.conf
Type: application/octet-stream
Size: 26480 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090817/04d4bacb/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: radiusd.output
Type: application/octet-stream
Size: 12627 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090817/04d4bacb/attachment-0002.obj>
More information about the Freeradius-Users
mailing list