My freeradius server seems to be falling back to local authentication rather than piping it out to our ADS server. If I create a local user on the radius box authentication is successful. Can anyone please help with this? All relevant info I can think of is below. Samba connection works fine, I've joined the linux box (red hat 6.2) to the domain. Kinit connection runs fine. Edited Testparm results are: Load smb config files from /etc/samba/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions [global] workgroup = workgroup realm = INTERNAL.DOMAIN.CO.UK server string = server01 interfaces = 10.1.3.9/24 security = ADS client NTLMv2 auth = Yes log level = 1 winbind:5 auth:3 load printers = No idmap uid = 10000-45000 idmap gid = 10000-45000 winbind use default domain = Yes cups options = raw net ads lookup dcs shows a domain controller chgrp radiusd /var/lib/samba/winbindd_privileged/ has been run ntlm_auth -username give result: NT_STATUS_OK: Success (0x0) cropped debug output: Ready to process requests. rad_recv: Access-Request packet from host 10.1.1.22 port 1812, id=50, length=152 NAS-IP-Address = 10.1.1.22 NAS-Port = 50001 Cisco-NAS-Port = "FastEthernet0/1" NAS-Port-Type = Ethernet User-Name = "sm18818" Called-Station-Id = "00-16-47-F7-32-41" Calling-Station-Id = "00-24-54-42-86-04" Service-Type = Framed-User Framed-MTU = 1500 EAP-Message = 0x0200000c01736d3138383138 Message-Authenticator = 0xa49f7bb9beab7a89b485841f3a600993 server packetfence { # Executing section authorize from file /etc/raddb/sites-enabled/packetfence +- entering group authorize {...} [suffix] No '@' in User-Name = "sm18818", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[preprocess] returns ok [eap] EAP packet type response id 0 length 12 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop rlm_perl: Added pair NAS-Port-Type = Ethernet rlm_perl: Added pair Service-Type = Framed-User rlm_perl: Added pair Calling-Station-Id = 00-24-54-42-86-04 rlm_perl: Added pair Called-Station-Id = 00-16-47-F7-32-41 rlm_perl: Added pair Cisco-NAS-Port = FastEthernet0/1 rlm_perl: Added pair Message-Authenticator = 0xa49f7bb9beab7a89b485841f3a600993 rlm_perl: Added pair User-Name = sm18818 rlm_perl: Added pair EAP-Message = 0x0200000c01736d3138383138 rlm_perl: Added pair EAP-Type = Identity rlm_perl: Added pair NAS-IP-Address = 10.1.1.22 rlm_perl: Added pair NAS-Port = 50001 rlm_perl: Added pair Framed-MTU = 1500 rlm_perl: Added pair Auth-Type = EAP ++[packetfence] returns noop Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/packetfence +- entering group authenticate {...} [eap] EAP Identity [eap] processing type tls [tls] Initiate [tls] Start returned 1 ++[eap] returns handled } # server packetfence Sending Access-Challenge of id 50 to 10.1.1.22 port 1812 EAP-Message = 0x010100061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7c7cc4a17c7ddd7defb2c24478e29151 Finished request 0. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 10.1.1.22 port 1812, id=51, length=263 NAS-IP-Address = 10.1.1.22 NAS-Port = 50001 Cisco-NAS-Port = "FastEthernet0/1" NAS-Port-Type = Ethernet User-Name = "sm18818" Called-Station-Id = "00-16-47-F7-32-41" Calling-Station-Id = "00-24-54-42-86-04" Service-Type = Framed-User Framed-MTU = 1500 State = 0x7c7cc4a17c7ddd7defb2c24478e29151 EAP-Message = 0x0201006919800000005f160301005a0100005603014f9017be440f4cbc99f67ffe587f648545f74cc832daa9e43857f7ce7ac48e42000018002f00350005000ac013c014c009c00a003200380013000401000015ff01000100000a0006000400170018000b00020100 Message-Authenticator = 0xaae583362e9a580324ffe1459a30e524 server packetfence { # Executing section authorize from file /etc/raddb/sites-enabled/packetfence +- entering group authorize {...} [suffix] No '@' in User-Name = "sm18818", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[preprocess] returns ok [eap] EAP packet type response id 1 length 105 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/packetfence +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS TLS Length 95 [peap] Length Included [peap] eaptls_verify returned 11 [peap] (other): before/accept initialization [peap] TLS_accept: before/accept initialization [peap] <<< TLS 1.0 Handshake [length 005a], ClientHello [peap] TLS_accept: SSLv3 read client hello A [peap] >>> TLS 1.0 Handshake [length 0031], ServerHello [peap] TLS_accept: SSLv3 write server hello A [peap] >>> TLS 1.0 Handshake [length 0419], Certificate [peap] TLS_accept: SSLv3 write certificate A [peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone [peap] TLS_accept: SSLv3 write server done A [peap] TLS_accept: SSLv3 flush data [peap] TLS_accept: Need to read more data: SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled } # server packetfence Sending Access-Challenge of id 51 to 10.1.1.22 port 1812 EAP-Message = 0x0102040019c00000045d16030100310200002d03014f90179057e896056f57af82c6f54e60041737802441091408cb5086b96cb93500002f000005ff0100010016030104190b00041500041200040f3082040b308202f3a0030201020209008457e87e4346de7f300d06092a864886f70d010105050030819b310b30090603550406130247423110300e06035504080c07436172646966663110300e06035504070c074361726469666631283026060355040a0c1f43617264696666204d6574726f706f6c6974616e20556e697665727369747931293027060355040b0c204c69627261727920616e6420496e666f726d6174696f6e20536572766963 EAP-Message = 0x65733113301106035504030c0a68616c6c736e61633031301e170d3132303431363138303930385a170d3133303431363138303930385a30819b310b30090603550406130247423110300e06035504080c07436172646966663110300e06035504070c074361726469666631283026060355040a0c1f43617264696666204d6574726f706f6c6974616e20556e697665727369747931293027060355040b0c204c69627261727920616e6420496e666f726d6174696f6e2053657276696365733113301106035504030c0a68616c6c736e6163303130820122300d06092a864886f70d01010105000382010f003082010a0282010100be9c9265f0fd69 EAP-Message = 0x36b44a273f0b3bf8aafa36904d3dec8d392bc1bc9d52c73cd83c34fc418e4ae116847ed462411d54e7f78d586e53c05e5a59a08327cdafdebd2d06fe22a08ffabab004fefdde1b2b005a2d17c114b5b262122f8ff5d3ae89b2b3debd83a134a3c504f57c0e46cdc201d51b343a8243167b95478d92c2b2289e6516219bda5daf1b64d2599512f41a35cc1cb749cecc637e905880e7794ae637e1f52bc9d62e8a73444ffe0e164888574d9afdb7ab3ee30c09296a6d299337796d36644d00f6a5725ff2e05381d12ba1fdd37075cd56a6b7e13e51d671aaa3aacf6f0cbf7f0f90e75e22369e426c2a530ab0abb6162582d6b3ec4adeb354e53102030100 EAP-Message = 0x01a350304e301d0603551d0e041604146cb125f0ea10521b328b7ae014a2680c058ca7bc301f0603551d230418301680146cb125f0ea10521b328b7ae014a2680c058ca7bc300c0603551d13040530030101ff300d06092a864886f70d0101050500038201010084c2453f7ee7c9659c6278e51bdcda9489b9df1721271447e78c69ea94edf9a1c90a83fd14af61ced01dfe7a931363afcd4bf2ad4c563bd5200454356c3973f8233f6ebc5a8e8fec1cdfc7a46b317ec65a5b105c644b81d435480a8386267d9975db81f918a400fe1fea57f82219834c44288970bf3b5ff40ce9089dc99e432d706e765e204fab9cbc7a6dfa88c793788441371df26d EAP-Message = 0x1966ce6ceb1e56b79c80e9ab Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7c7cc4a17d7edd7defb2c24478e29151 Finished request 1. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 10.1.1.22 port 1812, id=52, length=164 NAS-IP-Address = 10.1.1.22 NAS-Port = 50001 Cisco-NAS-Port = "FastEthernet0/1" NAS-Port-Type = Ethernet User-Name = "sm18818" Called-Station-Id = "00-16-47-F7-32-41" Calling-Station-Id = "00-24-54-42-86-04" Service-Type = Framed-User Framed-MTU = 1500 State = 0x7c7cc4a17d7edd7defb2c24478e29151 EAP-Message = 0x020200061900 Message-Authenticator = 0x7e4e96be86285da30bea39583ab60700 server packetfence { # Executing section authorize from file /etc/raddb/sites-enabled/packetfence +- entering group authorize {...} [suffix] No '@' in User-Name = "sm18818", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[preprocess] returns ok [eap] EAP packet type response id 2 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/packetfence +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled } # server packetfence Sending Access-Challenge of id 52 to 10.1.1.22 port 1812 EAP-Message = 0x0103006d1900ae27f7c48f8dcf1d47327fc08f9f1a9a004fd376c1a4c491331b2e554c6458a40bebde6444da9b525372d9c44920937aa26393222d460bc64bd1d007021531016d5d96796972e15d25eced794837a6d77d98a5d1b7b3c128d3c895de9e9e16030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7c7cc4a17e7fdd7defb2c24478e29151 Finished request 2. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 10.1.1.22 port 1812, id=53, length=496 NAS-IP-Address = 10.1.1.22 NAS-Port = 50001 Cisco-NAS-Port = "FastEthernet0/1" NAS-Port-Type = Ethernet User-Name = "sm18818" Called-Station-Id = "00-16-47-F7-32-41" Calling-Station-Id = "00-24-54-42-86-04" Service-Type = Framed-User Framed-MTU = 1500 State = 0x7c7cc4a17e7fdd7defb2c24478e29151 EAP-Message = 0x0203015019800000014616030101061000010201004c7788a8a2f60c69bf9dd1c9a0a777de1a7b45ffc7efaded554f9ae7daa57bed28006e3af36fb6e48e325bba393c7ed30f62ee242f8bca8584f3982bf43879642f227025425044a0061a487781d4243d9b731719172f21056fba514a7ffe85becb7d4870d2d7b00940113a9a4a47bdbc087223f615f6643f9fee1c07f4c7b8ce849b605cf2d6e945295161f02014a91b90c95ae5419079252793bf3e1578e9d4a9891a73554201221bccfcbbecf2b658344db323b32aed8c7a74057abc15d8aa5edb9c3dd6cfd20de84639ebaa5bb1e78bfbf02d19cd2ca596e0a72bf4612f9a58c681473dbee4f5 EAP-Message = 0xd6d80708035534d6f9a4a296d5f67a220426e485c4796430140301000101160301003086ff2b333a990ad6876caba4e9b6f806f8a437681f6db738596d4c80963e7941f7016f3bf845cd94fb15f5f5c5fe452f Message-Authenticator = 0x21930395cd5e71160ca4bf8c1125df8e server packetfence { # Executing section authorize from file /etc/raddb/sites-enabled/packetfence +- entering group authorize {...} [suffix] No '@' in User-Name = "sm18818", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[preprocess] returns ok [eap] EAP packet type response id 3 length 253 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/packetfence +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS TLS Length 326 [peap] Length Included [peap] eaptls_verify returned 11 [peap] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange [peap] TLS_accept: SSLv3 read client key exchange A [peap] <<< TLS 1.0 ChangeCipherSpec [length 0001] [peap] <<< TLS 1.0 Handshake [length 0010], Finished [peap] TLS_accept: SSLv3 read finished A [peap] >>> TLS 1.0 ChangeCipherSpec [length 0001] [peap] TLS_accept: SSLv3 write change cipher spec A [peap] >>> TLS 1.0 Handshake [length 0010], Finished [peap] TLS_accept: SSLv3 write finished A [peap] TLS_accept: SSLv3 flush data [peap] (other): SSL negotiation finished successfully SSL Connection Established [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled } # server packetfence Sending Access-Challenge of id 53 to 10.1.1.22 port 1812 EAP-Message = 0x01040041190014030100010116030100301a7416c5a68d27374ed4739350a51eae93d8baede52b057347c665cabff9410f7dab4d72795b54891b15e6ed2dd0d780 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7c7cc4a17f78dd7defb2c24478e29151 Finished request 3. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 10.1.1.22 port 1812, id=54, length=164 NAS-IP-Address = 10.1.1.22 NAS-Port = 50001 Cisco-NAS-Port = "FastEthernet0/1" NAS-Port-Type = Ethernet User-Name = "sm18818" Called-Station-Id = "00-16-47-F7-32-41" Calling-Station-Id = "00-24-54-42-86-04" Service-Type = Framed-User Framed-MTU = 1500 State = 0x7c7cc4a17f78dd7defb2c24478e29151 EAP-Message = 0x020400061900 Message-Authenticator = 0x7f354427c0059d1a5fc0a89e7fac88f1 server packetfence { # Executing section authorize from file /etc/raddb/sites-enabled/packetfence +- entering group authorize {...} [suffix] No '@' in User-Name = "sm18818", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[preprocess] returns ok [eap] EAP packet type response id 4 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/packetfence +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake is finished [peap] eaptls_verify returned 3 [peap] eaptls_process returned 3 [peap] EAPTLS_SUCCESS [peap] Session established. Decoding tunneled attributes. [peap] Peap state TUNNEL ESTABLISHED ++[eap] returns handled } # server packetfence Sending Access-Challenge of id 54 to 10.1.1.22 port 1812 EAP-Message = 0x0105002b190017030100207698c92d6973a15e192ae19cecef7a29e6ccd5f32f64f713e4f5497216d6f371 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7c7cc4a17879dd7defb2c24478e29151 Finished request 4. Going to the next request Waking up in 4.8 seconds. rad_recv: Access-Request packet from host 10.1.1.22 port 1812, id=55, length=201 NAS-IP-Address = 10.1.1.22 NAS-Port = 50001 Cisco-NAS-Port = "FastEthernet0/1" NAS-Port-Type = Ethernet User-Name = "sm18818" Called-Station-Id = "00-16-47-F7-32-41" Calling-Station-Id = "00-24-54-42-86-04" Service-Type = Framed-User Framed-MTU = 1500 State = 0x7c7cc4a17879dd7defb2c24478e29151 EAP-Message = 0x0205002b1900170301002095f189b1ea8c30d31387e9a79add21fc2b07b4e7e86205b38772a041b99a6b00 Message-Authenticator = 0x3fa49fa72ae68063e5edc7c76c1a23c5 server packetfence { # Executing section authorize from file /etc/raddb/sites-enabled/packetfence +- entering group authorize {...} [suffix] No '@' in User-Name = "sm18818", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[preprocess] returns ok [eap] EAP packet type response id 5 length 43 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/packetfence +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] Peap state WAITING FOR INNER IDENTITY [peap] Identity - sm18818 [peap] Got inner identity 'sm18818' [peap] Setting default EAP type for tunneled EAP session. [peap] Got tunneled request EAP-Message = 0x0205000c01736d3138383138 server packetfence { [peap] Setting User-Name to sm18818 Sending tunneled request EAP-Message = 0x0205000c01736d3138383138 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "sm18818" NAS-IP-Address = 10.1.1.22 NAS-Port = 50001 Cisco-NAS-Port = "FastEthernet0/1" NAS-Port-Type = Ethernet Called-Station-Id = "00-16-47-F7-32-41" Calling-Station-Id = "00-24-54-42-86-04" Service-Type = Framed-User Framed-MTU = 1500 server packetfence-tunnel { # Executing section authorize from file /etc/raddb/sites-enabled/packetfence-tunnel +- entering group authorize {...} [suffix] No '@' in User-Name = "sm18818", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 5 length 12 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/packetfence-tunnel +- entering group authenticate {...} [eap] EAP Identity [eap] processing type mschapv2 rlm_eap_mschapv2: Issuing Challenge ++[eap] returns handled } # server packetfence-tunnel [peap] Got tunneled reply code 11 EAP-Message = 0x010600211a0106001c10b6f046e50b7952e6e797acb2dcd7b773736d3138383138 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9920660299267c474e5f7c2e3011a1e5 [peap] Got tunneled reply RADIUS code 11 EAP-Message = 0x010600211a0106001c10b6f046e50b7952e6e797acb2dcd7b773736d3138383138 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9920660299267c474e5f7c2e3011a1e5 [peap] Got tunneled Access-Challenge ++[eap] returns handled } # server packetfence Sending Access-Challenge of id 55 to 10.1.1.22 port 1812 EAP-Message = 0x0106004b190017030100404ae4ff24a485244baabe8642914ae553c53877050c4ac566f444c764f938c4bbb924e13de5c7f90c50d5d89d5e0322b2f7e54eec93a9b6ef170863282b669f90 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7c7cc4a1797add7defb2c24478e29151 Finished request 5. Going to the next request Waking up in 4.8 seconds. rad_recv: Access-Request packet from host 10.1.1.22 port 1812, id=56, length=265 NAS-IP-Address = 10.1.1.22 NAS-Port = 50001 Cisco-NAS-Port = "FastEthernet0/1" NAS-Port-Type = Ethernet User-Name = "sm18818" Called-Station-Id = "00-16-47-F7-32-41" Calling-Station-Id = "00-24-54-42-86-04" Service-Type = Framed-User Framed-MTU = 1500 State = 0x7c7cc4a1797add7defb2c24478e29151 EAP-Message = 0x0206006b1900170301006024a871b68d472e9b2fb927c48ee8eec1927e26d0c995f1d33b245e2aaedf10d0850fe337c1fbeca10935879e64a3ca65c75159b07b567d9bca49128ad5d4abe9c7069dcb9c32575274cd9e383e7c4b93dd49018d352297f3253b5831d997b660 Message-Authenticator = 0x19cf5c1dc655bdbc50918cb01e71cfd0 server packetfence { # Executing section authorize from file /etc/raddb/sites-enabled/packetfence +- entering group authorize {...} [suffix] No '@' in User-Name = "sm18818", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[preprocess] returns ok [eap] EAP packet type response id 6 length 107 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/packetfence +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] Peap state phase2 [peap] EAP type mschapv2 [peap] Got tunneled request EAP-Message = 0x020600421a0206003d31b49f7150ff84c15725200ff871377c240000000000000000b1ce20b6cca5c3e86e219ec24aef13ee2e4c12825e87e18a00736d3138383138 server packetfence { [peap] Setting User-Name to sm18818 Sending tunneled request EAP-Message = 0x020600421a0206003d31b49f7150ff84c15725200ff871377c240000000000000000b1ce20b6cca5c3e86e219ec24aef13ee2e4c12825e87e18a00736d3138383138 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "sm18818" State = 0x9920660299267c474e5f7c2e3011a1e5 NAS-IP-Address = 10.1.1.22 NAS-Port = 50001 Cisco-NAS-Port = "FastEthernet0/1" NAS-Port-Type = Ethernet Called-Station-Id = "00-16-47-F7-32-41" Calling-Station-Id = "00-24-54-42-86-04" Service-Type = Framed-User Framed-MTU = 1500 server packetfence-tunnel { # Executing section authorize from file /etc/raddb/sites-enabled/packetfence-tunnel +- entering group authorize {...} [suffix] No '@' in User-Name = "sm18818", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 6 length 66 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/packetfence-tunnel +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/mschapv2 [eap] processing type mschapv2 [mschapv2] # Executing group from file /etc/raddb/sites-enabled/packetfence-tunnel [mschapv2] +- entering group MS-CHAP {...} [mschap] No Cleartext-Password configured. Cannot create LM-Password. [mschap] No Cleartext-Password configured. Cannot create NT-Password. [mschap] Creating challenge hash with username: sm18818 [mschap] Told to do MS-CHAPv2 for sm18818 with NT-Password [mschap] FAILED: No NT/LM-Password. Cannot perform authentication. [mschap] FAILED: MS-CHAP2-Response is incorrect ++[mschap] returns reject [eap] Freeing handler ++[eap] returns reject Failed to authenticate the user. Login incorrect: [sm18818] (from client 10.1.1.22 port 50001 cli 00-24-54-42-86-04 via TLS tunnel) } # server packetfence-tunnel [peap] Got tunneled reply code 3 MS-CHAP-Error = "\006E=691 R=1" EAP-Message = 0x04060004 Message-Authenticator = 0x00000000000000000000000000000000 [peap] Got tunneled reply RADIUS code 3 MS-CHAP-Error = "\006E=691 R=1" EAP-Message = 0x04060004 Message-Authenticator = 0x00000000000000000000000000000000 [peap] Tunneled authentication was rejected. [peap] FAILURE ++[eap] returns handled } # server packetfence Sending Access-Challenge of id 56 to 10.1.1.22 port 1812 EAP-Message = 0x0107002b1900170301002083d13929a4b17d457d0978cbdf96feaf9b3d0291f181a38ab1d60377f0333d2a Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7c7cc4a17a7bdd7defb2c24478e29151 Finished request 6. Going to the next request Cheers, Andi ________________________________
From 1st November 2011 UWIC changed its title to Cardiff Metropolitan University. From the 6th December 2011, as part of this change, all email addresses which included @uwic.ac.uk have changed to @cardiffmet.ac.uk. All emails sent from Cardiff Metropolitan University will now be sent from the new @cardiffmet.ac.uk address. Please could you ensure that all of your contact records and databases are updated to reflect this change. Further information can be found on the website here.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx>
Ar Dachwedd y 1af 2011 newidiodd UWIC ei henw i Brifysgol Fetropolitan Caerdydd. O Ragfyr 6ed, fel rhan o'r newid yma, bydd pob cyfeiriad e-bost sy'n cynnwys @uwic.ac.uk yn newid i @cardiffmet.ac.uk. Bydd yr holl ebyst a ddanfonir o Brifysgol Fetropolitan Caerdydd yn cael eu danfon o'r cyfeiriad @cardiffmet.ac.uk newydd. Gwnewch yn siwr eich bod yn diweddaru eich cofnodion cyswllt a'ch cronfeydd data i adlewyrchu hyn. Gellir cael rhagor o wybodaeth ar y wefan yma.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx>