Enabling NTLM causes the daemon not to start...
Matthew Newton
mcn at freeradius.org
Thu Dec 6 10:40:14 CET 2018
On Thu, 2018-12-06 at 09:17 +0000, WAGHORN, Jason (NHS BORDERS) via
Freeradius-Users wrote:
> When I attempt to launch radiusd, it bombs out with the following
> error "/etc/raddb/sites-enabled/inner-tunnel[59]: Errors parsing pap
> sub-section."
>
> The authenticate section is this:
...
> pap {
> ntlm_auth
> }
> }
Mistake on the wiki; I've fixed it.
This should be
Auth-Type pap {
not just
pap {
> If I comment out the pap stanza and reinstate the "pap" line - it
> launches, but with the side effect that AD authentication isn't
> working (although that could easily be something else entirely :))
Probably something else, it's unlikely most devices are using EAP-
TTLS/PAP. Even without those pap parts of the config you should still
find that the MSCHAPv2 methods work, if configured correctly.
> Any pointers most welcome - because I cannot for the life of me see
> what might be wrong (and I'm a newbie at trying to decipher radius
> debug output)
>
> radius -X output below
You've certainly done something right - sending the "-X" output, not
-Xxxx or -Xx or whatever other people keep sending!
--
Matthew
More information about the Freeradius-Users
mailing list