freeradius3 unable authenticate ldap user through mschap
Fajar A. Nugraha
list at fajar.net
Wed Nov 6 09:43:31 CET 2019
On Wed, Nov 6, 2019 at 10:16 AM Karunagaran D <karunad at ssn.edu.in> wrote:
>
> Dear Team,
>
> I have configured ldap module and successfully authenticate in radtest,
> but i Unable to authenticate ldap users through mschap
>
> Herewith I am attaching the successful ldap authentication file and
> unsucessful authentication ldap users through mschap
>
>
> Please help
Your log says
(1) mschap: WARNING: No Cleartext-Password configured. Cannot create
NT-Password
(1) mschap: WARNING: No Cleartext-Password configured. Cannot create
LM-Password
(1) mschap: Client is using MS-CHAPv1 with NT-Password
(1) mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform authentication
Meaning your LDAP server doesn't provide Cleartext-Password,
NT-Password, or LM-password to freeradius.
If you use Active Directory, you can configure ntlm_auth. But if it's
something else, and you don't store user passwords as clear text/NT
hash in ldap, then mschapv2 with ldap won't work. See
http://deployingradius.com/documents/protocols/oracles.html
--
Fajar
More information about the Freeradius-Users
mailing list