MSChap via ntlm_auth problem

Anton Brinyov anton.brinyov at gmail.com
Sat Aug 22 16:29:49 CEST 2009 

Oh!

I notice in /var/log/messages follow line after each auth attempt:

Aug 22 18:28:33 gate1 kernel: pid 78473 (radiusd), uid 133: exited on signal 12


Thanks,
Anton


2009/8/22 Anton Brinyov <anton.brinyov at gmail.com>:
> Hi,
>
> I try to move samba's ntlm_auth program and replace it by simple shell script:
>
> #!/bin/sh
> echo "Test!"
>
> But NOTHING CHANGED!
>
> I think, radius don't call ntlm_auth program, but I don't know why.
>
> Thanks,
> Anton
>
>
> 2009/8/20 Anton Brinyov <anton.brinyov at gmail.com>:
>> Here are my sites-enabled/default and sites-enabled/inner-tunnel files.
>>
>> Thanks,
>> Anton
>>
>>
>> 2009/8/19 Alan Buxey <A.L.M.Buxey at lboro.ac.uk>:
>>> Hi,
>>>
>>>> I have another freeradius host (freeradius 2.1.3) with the same
>>>> authentication scheme.
>>>> I look at debug output on it:
>>>>
>>>> Found Auth-Type = MSCHAP
>>>> +- entering group MS-CHAP {...}
>>>> [mschap] No Cleartext-Password configured.  Cannot create LM-Password.
>>>> [mschap] No Cleartext-Password configured.  Cannot create NT-Password.
>>>> [mschap] Told to do MS-CHAPv2 for BAS with NT-Password
>>>> [mschap] WARNING: Deprecated conditional expansion ":-".  See "man
>>>> unlang" for details
>>>> [mschap] WARNING: Deprecated conditional expansion ":-".  See "man
>>>> unlang" for details
>>>> [mschap]        expand:
>>>> --username=%{Stripped-User-Name:-%{User-Name:-None}} -> --username=BAS
>>>> [mschap]  mschap2: bb
>>>> [mschap]        expand: --challenge=%{mschap:Challenge:-00} ->
>>>> --challenge=205180e1818e1214
>>>> [mschap]        expand: --nt-response=%{mschap:NT-Response:-00} ->
>>>> --nt-response=0a9b4e0053367b750904915b08aa65b792be3274e312aa78
>>>> Exec-Program output: NT_KEY: A9B342EC3E218E54A330556C468415CD
>>>> Exec-Program-Wait: plaintext: NT_KEY: A9B342EC3E218E54A330556C468415CD
>>>> Exec-Program: returned: 0
>>>> [mschap] adding MS-CHAPv2 MPPE keys
>>>> ++[mschap] returns ok
>>>>
>>>> ntlm_auth comands is the same on both hosts.
>>>>
>>>> The difference is "Exec-Program output:"
>>>>
>>>> Why?
>>>
>>> your previous emails only listed the mschap module and radiusd.conf - but
>>> not the sites-enabled/default or sites-enabled/inner-tunnel  files.....
>>>
>>> alan
>>> -
>>
>

More information about the Freeradius-Users mailing list