<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'><div id="mp0_msgPartBody" class="MsgPartBody ClearBoth"><div pfx="mpf0_" sf="s" fa="Forward" raa="ReplyAll" ra="Reply" rfu="InboxLight.aspx?n=2023195088&Action={0}&AllowUnsafe={1}" bt="Full"><div class="ClearBoth"><div id="mpf0_wideMsgBarPlaceholder" class="WideMessageBarContainer"><style>
.ExternalClass .ecxhmmessage P {
padding:0px;
}
.ExternalClass body.ecxhmmessage {
font-size:12pt;
font-family:Calibri;
}
</style>Hi,<br> <br>thanks for the Help. Actually im decided to create a new VM and reinstall the complete Server. I`m following the complete How-To, but i`m getting two different Errors.<br> <br>The <strong>First One </strong>is this:<br> <br>It`s under the first Point: Configuring Authentification with Active Directory</div></div><div id="mpf0_readMsgBodyContainer" class="ReadMsgBody" onclick="return Control.invoke('MessagePartBody','_onBodyClick',event,event);"><div id="mpf0_MsgContainer" class="SandboxScopeClass ExternalClass"><div dir="ltr"><div id="header"><table width="0"><tbody><tr><td><p id="ecxslogan"> </p></td></tr></tbody></table></div>I`m startet the Samba and Kerberos Services und used this Command:<br> <br>net join -U MyAdministrator<br><br>> Worked. I`m getting this Message: <br>Using short domain name -- MYDomain<br>Joined 'UBUNTU' to realm 'MYDomain'<br> <br>The next Step wbinfo -a <b>user</b>%<strong>password </strong>works too, but i`m getting this Error-Message:<br> <br><em>Could not authenticate user Username%Password with plaintext password</em><br>challenge/response password authentication succeeded<br><br>Is this normal? How can I fix it? The Response seems to work correctly.<br> <br> <br>The <strong>Second One</strong> is this:<br> <br>It`s the last Point on this Page: Configuring FreeRadius to use ntml_auth for MS-CHAP<br> <br>In this Step, i must edit the following line with this text in the file: <strong>/etc/freeradius/modules/mschap</strong><br> <br><em>ntlm_auth = "<b>/path/to/ntlm_auth</b> --request-nt-key --username=%{mschap:User-Name:-None} --domain=%{%{mschap:NT-Domain}:-<b>MYDOMAIN</b>} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"</em><br> <br>But my default commented ntml_auth looks like this:<br> <br> ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}" <br> <br>In my default ntlm_auth, the option "<em>--domain=%{%{mschap:NT-Domain}:-<b>MYDOMAIN</b>}" </em>is missing. Should i add it?<br> <br>Actually i`m using my default uncommented ntlm_auth. So, i`m going to test the MS-CHAP authentification reuqest with this command:<br> <br><em>$ radtest -t mschap bob hello localhost 0 testing123</em><br><em></em> <br><em>And i`m getting this Error-Message:</em><br><em></em> <br><em>Sending Access-Request of id 251 to 127.0.0.1 port 1812<br> User-Name = "bob"<br> NAS-IP-Address = 127.0.1.1<br> NAS-Port = 0<br> Message-Authenticator = 0x00000000000000000000000000000000<br> MS-CHAP-Challenge = 0x01774f129c72245c<br> MS-CHAP-Response = 0x000100000000000000000000000000000000000000000000000024ff68dcea66e8348622a45aa91804201f2102e9ecc0add6<br>rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=251, length=38<br> MS-CHAP-Error = "\000E=691 R</em><br><em></em> <br><strong>/etc/freeradius/users</strong><br> <br>First Line:<br>bob Cleartext-Password := "hello" <br>#<br># Please read the documentation file ../doc/processing_users_file,<br># or 'man 5 users' (after installing the server) for more information.<br>#<br>....<br> <br>@Mathieu<br><span id="ecxresult_box" lang="en" class="ecxshort_text"><span class="ecxhps">Is there a</span> <span class="ecxhps">current RADIUS-book</span> <span class="ecxhps">that you</span> <span class="ecxhps">can</span> <span class="ecxhps">recommend</span><span class="ecxhps">?</span></span><br> <br>-- BeliarsFire</div></div></div></div></div> </div></body>
</html>