FreeRADIUS +Active Directory + PAM

Jonathan van der Wat jonathan.vanderwatt at inet.co.za
Fri Jun 1 15:44:35 CEST 2012 

Alan,

I've been searching the lists for most of the day but haven't been able 
to come right. What I've noticed recently is that if I add the user on 
the test box with no password, and then try to sign on via ssh I see the 
following in the radiusd debug output:

User-Password = "/*mypassword*/"


However, the user is still not authenticated via the FreeRADIUS server. 
If I explicitly go and add that user to the */etc/raddb/users* file, 
then authentication works via PAP. How do I tell FreeRADIUS to use 
MS-CHAP for all users?

Greetings,

Jonathan


On 06/01/2012 03:25 PM, Alan DeKok wrote:
> Jonathan van der Wat wrote:
>> When attempting to ssh to the test box as an Active Directory user I
>> receive the following debug output:
>>
>> rad_recv: Access-Request packet from host 172.16.132.140 port 32768,
>> id=12, length=95
>>      User-Name = "jonathanv"
>>      User-Password = "\010\n\r\177INCORRECT"
>    Please see the list archives.  This question comes up a lot.
>
>    Some *OTHER* PAM module is destroying the password.  Go fix that.
>
>    Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>


Disclaimer

The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful.

This email has been scanned for viruses and malware, and automatically archived by Mimecast SA (Pty) Ltd, an innovator in Software as a Service (SaaS) for business.  Mimecast Unified Email Management (UEM) offers email continuity, security, archiving and compliance with all current legislation.  To find out more, visit http://www.mimecast.co.za/uem-ppc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120601/9d917480/attachment.html>

More information about the Freeradius-Users mailing list