adding mschap to an existing ttls/pap setup
Alan DeKok
aland at deployingradius.com
Fri Apr 13 08:50:02 CEST 2012
Brian Gold wrote:
> Ok, new pastebin: http://pastebin.com/5f2W3PjN
> I've confirmed that I don't have "Auth-Type := LDAP" anywhere in my configuration.
Did you try checking the "set_auth_type" entry in the ldap module
config, as suggested in another post?
> The sambaNTPassword hash was incorrect. We can't
> use smbpasswd since we don't actually have a full samba setup at this time,
This is a bad answer. *Nothing* prevents you from using the program.
FreeRADIUS ships with a "smbencrypt" program. Go look for it.
> just a normal openldap server which happens to have the
> samba schema so we can use sambaNTPassword. We will probably be moving to a full samba at some point, but not just yet. I've
> manually corrected the NT hash and confirmed that it works via radtest, but I'm still apparently getting rejected. Any help would be
> appreciated. If there is more information I can give, just let me know.
Try reading the debug output you posted. It says "Access-Accept". So
it works. Why are you saying the user is rejected?
This is a free help list. Very little is *more* irritating than
people who can't be bothered to help themselves.
The whole point of the debug output is for YOU TO READ IT.
Alan DeKok.
More information about the Freeradius-Users
mailing list