Please help with my EAP config - PEAP/MSCHAP

Nyle nyle at
Tue Oct 23 19:11:44 CEST 2007

Alan DeKok-4 wrote:
> Nyle wrote:
>> I'm sure it's something simple I missed when following
>> the online setup guides that are supposed to walk you through. I've
>> checked
>> and re-checked my eap.conf and rediusd.conf.
>   There's a lot of this error:  Maybe you want to check that out.
>> rlm_ldap: performing search in ou=TechSupport,ou=JeffS,o=Jeff, with
>> filter
>> (cn=auser)
>> rlm_ldap: checking if remote access for auser is allowed by
>> wirelessAccess
>> rlm_ldap: Error reading Universal Password.Return Code = -16049
>> rlm_ldap: looking for check items in directory...
>> rlm_ldap: looking for reply items in directory...
>   And there's no "known good" password found for the user.
>>   rlm_mschap: No User-Password configured.  Cannot create LM-Password.
>>   rlm_mschap: No User-Password configured.  Cannot create NT-Password.
>>   rlm_mschap: Told to do MS-CHAPv2 for auser with NT-Password
>>   rlm_mschap: FAILED: No NT/LM-Password.  Cannot perform authentication.
>   Tell the server what the users correct password is.
>   Alan DeKok.

    Thank you, thank you, thank you - You know after you've looked at a
problem from 6 different directions for too long. Often the simplest
solution doesn't come to mind. You last statement - "Tell the server what
the users correct password is." - took me to the simplest fix. Reset the
users Novell eDirectory based Universal Password. Once I set the password it
worked, now I can debug why the system that should synchronize those
passwords automatically isn't working right.

I do have another related question but it might need to be a separate post.
However, let me ask it here and see.

The built in Windows XP Pro SP2 wireless will now connect correctly but when
I switch back to the DELL Wireless Utility and use
WPA-ENTERPRISE/PEAP/MSCHAPv2, I don't even see debugging information from
radiusd. It's like it doesn't even receive the request at all. 

As I said, I understand if I don't get a reply but has anyone seen this?

View this message in context:
Sent from the FreeRadius - User mailing list archive at

More information about the Freeradius-Users mailing list