Authentication failed

Stefan Winter stefan.winter at restena.lu
Thu Jul 12 13:17:04 CEST 2007


Hi,

okay, now that the User-Name thing is fixed, another problem with your config 
shows up. The ntlm_auth line is way too short! Therefore, the key can't be 
retrieved.
Is there maybe a line wrap in radiusd.conf, line "ntlm_auth = ..." or 
something? The shipped ntlm_auth line works by default! Yours is only

'/usr/bin/ntlm_auth --request-nt-key '

i.e. it's missing all the important parts!

Stefan

> modcall: entering group Auth-Type for request 8
>   rlm_mschap: No User-Password configured.  Cannot create LM-Password.
>   rlm_mschap: No User-Password configured.  Cannot create NT-Password.
>   rlm_mschap: Told to do MS-CHAPv2 for host/PC-BARCMM2.it.local with
> NT-Password radius_xlat:  '/usr/bin/ntlm_auth --request-nt-key '
> Exec-Program: /usr/bin/ntlm_auth --request-nt-key
> username must be specified!
>
> Usage: [OPTION...]
>   --helper-protocol=helper protocol to use     operate as a stdio-based
> helper --username=STRING                            username
>   --domain=STRING                              domain name
>   --workstation=STRING                         workstation
>   --challenge=STRING                           challenge (HEX encoded)
>   --lm-response=STRING                         LM Response to the challenge
>                                                (HEX encoded)
>   --nt-response=STRING                         NT or NTLMv2 Response to the
>                                                challenge (HEX encoded)
>   --password=STRING                            User's plaintext password
>   --request-lm-key                             Retreive LM session key
>   --request-nt-key                             Retreive User (NT) session
> key --diagnostics                                Perform diagnostics on the
> authentictaion chain --require-membership-of=STRING               Require
> that a user be a member of this group (either name or SID) for
> authentication to succeed
>
> Help options
>   -?, --help                                   Show this help message
>   --usage                                      Display brief usage message
>
> Common samba options:
>   -d, --debuglevel=DEBUGLEVEL                  Set debug level
>   -s, --configfile=CONFIGFILE                  Use alternative
> configuration file
>   -l, --log-basename=LOGFILEBASE               Basename for log/debug files
>   -V, --version                                Print version
> Exec-Program output:
> Exec-Program: returned: 1
>   rlm_mschap: External script failed.


-- 
Stefan WINTER

Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de 
la Recherche
Ingenieur Forschung & Entwicklung

6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter at restena.lu     Tel.:     +352 424409-1
http://www.restena.lu                Fax:      +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070712/1a909785/attachment.pgp>


More information about the Freeradius-Users mailing list