mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform authentication

Matthew Newton mcn4 at leicester.ac.uk
Thu Oct 8 17:14:39 CEST 2015


On Thu, Oct 08, 2015 at 04:55:35PM +0200, Torsten Wilms wrote:
> If i try to login via "radtest -x test testpwd 127.0.0.1:18120 0 testing123"
> on the linux console, everything is working via ldap. If i try this over the
> 802.1X AccessPoint, it doesn't work. 

This is impossible with PEAP/EAP-MSCHAPv2. AD won't give you
either the Cleartext-Password or the NT hash.

http://deployingradius.com/documents/protocols/compatibility.html

> I think that everything goes wrong with encrypt/decrypt the Domain User
> password or no User-Password is given after eap or something else. I tried a
> lot of stuff, but nothing works.

Forget trying to do LDAP to AD for auth and install Samba.

http://deployingradius.com/documents/configuration/active_directory.html

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list