computer authentication

Phil Mayers p.mayers at imperial.ac.uk
Fri Dec 7 17:55:27 CET 2012


On 07/12/12 16:34, Dan Letkeman wrote:

> [mschapv2] # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
> [mschapv2] +- entering group MS-CHAP {...}
> [mschap] No Cleartext-Password configured.  Cannot create LM-Password.
> [mschap] No Cleartext-Password configured.  Cannot create NT-Password.
> [mschap] Creating challenge hash with username: host/DAN01
> [mschap] Told to do MS-CHAPv2 for host/DAN01 with NT-Password
> [mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
> [mschap] FAILED: MS-CHAP2-Response is incorrect

Hmm. It doesn't look like you've configured "mschap" to use "ntlm_auth". 
It also doesn't look as if this machine is an Active Directory domain 
member.

You can't do machine auth if

  a) the machine isn't a domain member (because it doesn't have 
credentials) or
  b) you don't check against the domain by configuring "ntlm_auth"


More information about the Freeradius-Users mailing list