peap with mysql

Chris Liles Chris.Liles at
Thu May 18 16:10:43 CEST 2006

Thanks Alan,

That worked perfectly.

Now the next problem:

I'm trying to set up freeradius to do ntlm and mysql. 

Currently mysql only works when I comment out the ntlm_auth line in the mschap section. I'm thinking because it is sending the username/password to the Domain Controller, which won't auth it because the info is in the mysql database when the ntlm line is present.

How can I make the mschap module use both ntlm and mysql?

Chris Liles

-----Original Message-----
From: at [ at] On Behalf Of Alan DeKok
Sent: Wednesday, May 17, 2006 7:08 PM
To: FreeRadius users mailing list
Subject: Re: peap with mysql 

"Chris Liles" <Chris.Liles at> wrote:
> To get peap working with a mysql backend do I need to store the LM
> and NT hashes of the password?


> I currently have my db setup like this:
> mysql> select * from radcheck;
> +----+----------+---------------+----+--------+
> | id | UserName | Attribute     | op | Value  |
> +----+----------+---------------+----+--------+
> |  1 | temptest | User-Password | == | authme |

  You should ":=", not "==".

> Currently it works fine with NTRadPing, but not from the MS Supplicant :(

  Debug mode will tell you why: there's no User-Password in the
MS-CHAP request to do "==" comparisons on.

  Alan DeKok.

List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list