I can’t find where this conditional processing is
happing. I have two FR servers with “nearly” the same
config. Auth works on one, but not the other:
Both servers set auth type to MS-CHAP:
“[mschap] Found MS-CHAP attributes. Setting
'Auth-Type = mschap'
++[mschap] returns ok”
Everything is the same up to the “PAP” warning
message, then:
- Server that works uses MSCHAP:
Found Auth-Type = MSCHAP
+- entering group MS-CHAP {...}
…
Login OK:
- Server that FAILS:
++? if (!control:Auth-Type)
? Evaluating !(control:Auth-Type) -> FALSE
++? if (!control:Auth-Type) -> FALSE
Found Auth-Type = ntlm_auth
+- entering group authenticate {...}
…
Login incorrect:
Ignore why ntlm_auth is failing – I’ll figure
that out later if needed. What I need to know is WHY it’s not just using
MSCHAP like the working server and doing some conditional processing to set the
Auth-Type? I checked “all” the conf files I can think of and
can’t seem to find this… Any clues would be appreciated.
Thanks!