MSCHAP failing on new 2.1.10 install
Gary Gatten
Ggatten at waddell.com
Wed May 11 22:48:23 CEST 2011
Docs say to add this to "test" - and I'm testing. If I remove it nothing works, if it's there most things works.
G
-----Original Message-----
From: freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org [mailto:freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org] On Behalf Of Phil Mayers
Sent: Wednesday, May 11, 2011 3:41 PM
To: freeradius-users at lists.freeradius.org
Subject: Re: MSCHAP failing on new 2.1.10 install
On 05/11/2011 09:29 PM, Gary Gatten wrote:
> PS: I apparently have to leave the "DEFAULT Auth-Type = ntlm_auth " in
> the users file or "nothing" works. FWIW I am exclusively using
Leave?
There's no line like this in the default configs.
> AD/ntlm_auth for all auth types, so hopefully this won't matter? I did
Don't set Auth-Type unless you understand what you're doing and why
you're doing it. You shouldn't need to, and it'll break things in subtle
ways.
About the only real use-case for setting Auth-Type is forcing it to
Accept (for pap/mac-auth style only), Reject, or some custom auth
config, and then you need to be very careful.
> find a Wiki article about updating the control such that if Auth-Type
> doesn't exist then set it to ntlm_auth. I have this in my 2.1.6
> deployment, so may copy it over here as well. I'm trying to change as
> little as possible from the default confs....
I don't see any "Auth-Type" lines in the default configs.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
<font size="1">
<div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'>
</div>
"This email is intended to be reviewed by only the intended recipient
and may contain information that is privileged and/or confidential.
If you are not the intended recipient, you are hereby notified that
any review, use, dissemination, disclosure or copying of this email
and its attachments, if any, is strictly prohibited. If you have
received this email in error, please immediately notify the sender by
return email and delete this email from your system."
</font>
More information about the Freeradius-Users
mailing list