PEAP mschapv2 using xp native supplicant

Alan DeKok aland at
Wed Aug 27 08:44:47 CEST 2008

Ryan Setiawan H wrote:
> Here the attribute at LDAP server for user testing
> dn: uid=testing,ou=dialup,dc=zzz,dc=com
> lmPassword: Testing10
> ntPassword: Testing10

  And here we have it.  Those are NOT valid lmPassword or ntPassword
fields.  You are putting the clear-text password into those fields.  The
clear-text password belongs in the "userPassword" field.

  Delete the lmPassword and ntPassword fields from the DB.  They're wrong.

> Sorry Alan, I don't intend to do that and make it difficult. it just
> usually people don't like a lot text show up and make them bored to read
> it, so I pick the message which I conclude have to do with the problem...
> I include all debug below... thanks for your help

  The issue is that you said it didn't work.. but then didn't post the
debug output which says *why* it didn't work.  When you posted the
output containing "invalid LM Password", that should have been a hint to
*also* post the LM Password, and to ask "why is this invalid?"

  Alan DeKok.

More information about the Freeradius-Users mailing list