freeradius 2.1.7 PEAP mschapv2 invalid parameter
Eugene Vihman
ujin981 at gmail.com
Fri Aug 12 12:32:46 CEST 2011
The problem persists with escaped username (it's Administrator in UTF-8 in
russian):
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] +- entering group MS-CHAP {...}
[mschap] Told to do MS-CHAPv2 for Администратор with NT-Password
[mschap] expand: --username="%{mschap:User-Name}" ->
--username="Администратор"
[mschap] expand: --domain=%{mschap:NT-Domain} -> --domain=CITYHALL
[mschap] mschap2: d6
[mschap] expand: --challenge=%{mschap:Challenge:-00} ->
--challenge=dcc735f9e06566f6
[mschap] expand: --nt-response=%{mschap:NT-Response:-00} ->
--nt-response=3a160d20c9f584afd0024f676305fba382955db43d2a39e1
Exec-Program output: Invalid parameter (0xc000000d)
Exec-Program-Wait: plaintext: Invalid parameter (0xc000000d)
Exec-Program: returned: 1
[mschap] External script failed.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
[eap] Freeing handler
++[eap] returns reject
Failed to authenticate the user.
...
ntlm_auth successfully authenticates returning NT_KEY when run manually:
ntlm_auth --diagnostics --request-nt-key --username="Администратор"
--domain=CITYHALL --challenge=86c94cfffd3f36fa
--nt-response=3fa59f14170c3c64156be08dce431349620d99bc9f74cb79
NT_KEY: EB6DA41D01DE9C2F6ADA05D91346881E
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110812/7566c827/attachment.html>
More information about the Freeradius-Users
mailing list