Re: MSCHAPv2 Module with Stripped-Username - no ActiveDirectory

Markus Maurer lists at v-net.tk
Mon Nov 12 12:50:18 CET 2018


OMG:... What a stupid misstake of myself.... Sorry guys I had a bad lapse in thought.. :/
Thank you all for helping and bringing me back to the right track. xD

Am Montag, November 12, 2018 12:35 CET, Matthew Newton <mcn at freeradius.org> schrieb:
 On Mon, 2018-11-12 at 10:43 +0000, Adam Bishop wrote:
> On 12 Nov 2018, at 10:09, Markus Maurer <lists at v-net.tk> wrote:
> > You *cannot* make this work using MSCHAP and AD.It is working.
>
> Did you send the right debug log? That shows a user being
> authenticated from a cleartext password in the users file and the
> stripped-user-name not being discarded:
>
> Debug: (1) mschap: Found Cleartext-Password, hashing to create NT-Password
> Debug: (1) mschap: Found Cleartext-Password, hashing to create LM-Password
> Debug: (1) mschap: Creating challenge hash with username: johndoe:123456




On 2018-11-11 at 16:46 +0000, Alan DeKok wrote:
> If the users name and password is in SQL, then it's possible. Look
> up the user in SQL based on the Stripped-User-Name (which is the
> default). And, do the MS-CHAP calculations based on the real
> User-Name (which is also the default).

--
Matthew

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


 

-- 
This email was Malware checked by UTM 9. http://www.sophos.com


More information about the Freeradius-Users mailing list