Active directory and MS-CHAP Authentication.
Alan DeKok
aland at nitros9.org
Tue May 9 18:26:53 CEST 2006
Antonio Matera <antonio.matera at create-net.it> wrote:
> If I insert in the users file "DEFAULT Auth-Type := MS-CHAP", in the log
> file I read this error:
Which is why the documentation says to NOT set Auth-Type.
You didn't post the rest of the debug log (i.e. the packet), but
it's obvious what's happening. The server is getting a packet without
ms-chap, and you told it to do ms-chap, so it doesn't work.
The solution is don't break the configuration of the server.
> If I remove the DAFAULT user in the users file in the log I can't find a
> mschap authentication and the user is reject.
I doubt that very much. The default config works.
If you're using "radtest", then it doesn't do ms-chap
authentication, so you can't use it to test ms-chap on the server.
You have to use another client.
Alan DeKok.
More information about the Freeradius-Users
mailing list