Issues authenticating vs 2003 AD

Tim P panterafreak at gmail.com
Fri Aug 19 16:38:33 CEST 2005 

I have read the docs, maybe I am just missing where there example was,
I see the entries commented but not for what I need I guess (or I
missed).

I have reconfigured radiusd.conf again to see it I can authenticate
and am still having trouble

Can you look at these configs and tell me where you see issues?

radiusd.conf

        mschap {
                authtype = MS-CHAP
                use_mppe = yes
                require_encryption = yes
                require_strong = yes
                #with_ntdomain_hack = no
                ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username=%{Stripped-User-Name:-%{User-Name:-None}}
--challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"
        }


        realm suffix {
                format = suffix
                delimiter = "@"
                ignore_default = no
                ignore_null = no
        }


authorize {
        preprocess
#       auth_log
#       attr_filter
#       chap
        mschap
#       digest
#       IPASS
        suffix
#       ntdomain
#       eap
#       files
#       sql
#       etc_smbpasswd
#       ldap
#       daily
#       checkval
}

authenticate {

        Auth-Type MS-CHAP {
                mschap
        }
        }

preacct {
	preprocess
	suffix



proxy.conf

realm gtdsolutions.org {
        type            = radius
        authhost        = LOCAL
        accthost        = LOCAL
}


realm LOCAL {
        type            = radius
        authhost        = LOCAL
        accthost        = LOCAL
}


users

DEFAULT Auth-Type = mschap
        Fall-Through = 1


attempted login from a windows host via l2tp

output of radiusd -X -A
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:32771, id=169, length=90
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "tporritt at gtdsolutions.org"
        CHAP-Password = 0x44ac3d380292ea549c27ecce30ec2afe9c
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: Looking up realm "gtdsolutions.org" for User-Name =
"tporritt at gtdsolutions.org"
    rlm_realm: Found realm "gtdsolutions.org"
    rlm_realm: Adding Stripped-User-Name = "tporritt"
    rlm_realm: Proxying request from user tporritt to realm gtdsolutions.org
    rlm_realm: Adding Realm = "gtdsolutions.org"
    rlm_realm: Authentication realm is LOCAL.
  modcall[authorize]: module "suffix" returns noop for request 0
modcall: group authorize returns ok for request 0
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0

More information about the Freeradius-Users mailing list