On 07/01/2010 18:57, Difan Zhao wrote:
Greetings!
I did read the “*mschap*” module file and I did see that in order to use a *cleartext* password, I need to set “*MS-CHAP-Use-NTLM-Auth := No*” however I don’t know where to set it.
I tried to set it in “*hints*” file like the following. I added it to the beginning of the file and the rest is just default.
enseo_stb
MS-CHAP-Use-NTLM-Auth := No
The “*enseo_stb*” is the username. I do see that it matched the line in the *preprocess* in the debug however the authentication still failed. I don’t have this user account set in Windows AD. I do have it set in my *users* file.
Enseo_stb Cleartext-Password := "password"
Any advice?? Thank you!!
In the config file for your EAP _inner-tunnel_: server inner-tunnel-server { authorize { ... update control { MS-CHAP-Use-NTLM-Auth := 0 } mschap ... } ... you could use unlang to wrap it in an if statement if you wanted to be selective about when to apply it. -James -- James J J Hooper Network Specialist Information Services University of Bristol http://www.wireless.bristol.ac.uk http://www.jamesjj.net --