802.1x machine authentication patch help
Michael Griego
mgriego at utdallas.edu
Fri Nov 18 19:16:43 CET 2005
Make sure you used the rlm_MSchap module from the snapshot, not the
rlm_chap module. They're different.
--Mike
Jamie Crawford wrote:
> Hi,
> I am trying to get machine authentication working with freeradius. I
> have patched the samba code and freeradius code. But am getting this
> error when the machine tries to authenticate. I patched the rlm_chap
> module by taking last nights cvs snapshot and copying over the rlm_chap
> folder overwriting the contents of the same folder in the
> freeradius-1.0.5 release and recompiling. I see that it is trying to
> pass the username as "host/IS--000031176". I thought the updated
> rlm_mschap was suppposed to strip the "host/" part of the username. Do
> I need to create a realm to strip the "host/"?
> Any help would be appreciated!!!
> Thanks,
> jamie
>
>
> make clean
>
> ./configure --configure --with-raddbdir=/etc/radius
> --with-logdir=/var/log/radius --disable-snmp --without-rlm_sql
> --without-rlm_ldap --without-rlm_krb5
>
> make
>
> make install
>
> modcall: entering group Auth-Type for request 6
> rlm_mschap: No User-Password configured. Cannot create LM-Password.
> rlm_mschap: No User-Password configured. Cannot create NT-Password.
> rlm_mschap: Told to do MS-CHAPv2 for host/IS--000031176 with
> NT-Password
> radius_xlat: Running registered xlat function of module mschap for
> string 'User-Name'
> radius_xlat: Running registered xlat function of module mschap for
> string 'Challenge'
> mschap2: d3
> radius_xlat: Running registered xlat function of module mschap for
> string 'NT-Response'
> radius_xlat: '/usr/bin/ntlm_auth --domain= --request-nt-key
> --username=host/IS--000031176 --challenge=ba9273ce0768615e
> --nt-response=fd385f1011a2f799b5d62e04ba
> d8bb39719fa48c3d11299e'
> Exec-Program: /usr/bin/ntlm_auth --domain= --request-nt-key
> --username=host/IS--000031176 --challenge=ba9273ce0768615e
> --nt-response=fd385f1011a2f799b5d62e04bad8bb39719fa48c3d11299e
> Exec-Program output: Logon failure (0xc000006d)
> Exec-Program-Wait: plaintext: Logon failure (0xc000006d)
> Exec-Program: returned: 1
> rlm_mschap: External script failed.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list