Thanks for the catch on listing ntlm_auth in authorize. I followed the deployingradius.com link. I'm still not getting it. I tried uncommenting the ntlm_auth = line in the mschap file. I got the same result.
+- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "DOM002\MD90345", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[unix] returns notfound [files] users: Matched entry DEFAULT at line 174 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [ntlm_auth] expand: --username=%{mschap:User-Name} ->
ntlm_auth is still listed in authorize (only lower down the order). Remove it from there. And what happened to eap? It should be before unix, files, etc.
including configuration file /etc/raddb/modules/mschap ... Module: Instantiating mschap mschap { use_mppe = yes require_encryption = yes require_strong = yes with_ntdomain_hack = yes }
You haven't enabled ntlm_auth in mschap module. You only have it as standalone exec script. Ivan Kalik Kalik Informatika ISP