Problem with ntlm winbind - No User-Password configured. Cannot create LM-Password

Konne bridge_stone at gmx.net
Wed Mar 29 15:47:15 CEST 2006 

hi

my problem is following:

.......
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/mschapv2
  rlm_eap: processing type mschapv2
  Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 6
  rlm_mschap: No User-Password configured.  Cannot create LM-Password.
  rlm_mschap: No User-Password configured.  Cannot create NT-Password.
  rlm_mschap: Told to do MS-CHAPv2 for lehrer with NT-Password
radius_xlat: Running registered xlat function of module mschap for 
string 'NT-Domain'
radius_xlat: Running registered xlat function of module mschap for 
string 'User-Name'
radius_xlat: Running registered xlat function of module mschap for 
string 'Challenge'
 mschap2: 5b
radius_xlat: Running registered xlat function of module mschap for 
string 'NT-Response'
radius_xlat:  '/usr/bin/ntlm_auth --request-nt-key --domain=XXXXX 
--username=USER --challenge=921647d950709696 
--nt-response=5882778194e622a6b9da392d2852d62ceb17144f53e7ced2'
Exec-Program: /usr/bin/ntlm_auth --request-nt-key --domain=XXXXX 
--username=USER --challenge=921647d950709696 
--nt-response=5882778194e622a6b9da392d2852d62ceb17144f53e7ced2
Exec-Program output: winbind client not authorized to use 
winbindd_pam_auth_crap.  Ensure permissions on 
/var/cache/samba/winbindd_privileged are set correctly. (0xc0000022)
Exec-Program-Wait: plaintext: winbind client not authorized to use 
winbindd_pam_auth_crap.  Ensure permissions on 
/var/cache/samba/winbindd_privileged are set correctly. (0xc0000022)
Exec-Program: returned: 1
  rlm_mschap: External script failed.
  rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
  modcall[authenticate]: module "mschap" returns reject for request 6
modcall: group Auth-Type returns reject for request 6
  rlm_eap: Freeing handler
  modcall[authenticate]: module "eap" returns reject for request 6
modcall: group authenticate returns reject for request 6
auth: Failed to validate the user.
  PEAP: Got tunneled reply RADIUS code 3
        MS-CHAP-Error = "\010E=691 R=1"
        EAP-Message = 0x04080004
        Message-Authenticator = 0x00000000000000000000000000000000
  PEAP: Processing from tunneled session code 0xa050d40 3
        MS-CHAP-Error = "\010E=691 R=1"
        EAP-Message = 0x04080004
        Message-Authenticator = 0x00000000000000000000000000000000
  PEAP: Tunneled authentication was rejected.
  rlm_eap_peap: FAILURE
  modcall[authenticate]: module "eap" returns handled for request 6
modcall: group authenticate returns handled for request 6
Sending Access-Challenge of id 67 to 10.92.124.2:1645
        EAP-Message = 
0x010900261900170301001b0e5cfcbdba58b6fa4dff4d6d233650499c90b171a8c8a5ea5c7269
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xcd4008f5215934f6b818f5c3915e05b3
Finished request 6
Going to the next request
Waking up in 5 seconds...


i searched on the web but i found nothing. someone has an idea?

thx

More information about the Freeradius-Users mailing list