freeradius SQL + EAP + Windows client
Ivan Kalik
tnt at kalik.net
Thu Feb 28 23:25:33 CET 2008
>Hi, I've got some problem when I try to Authorize with SQL and a windows client to Wireless connection.
>
No, you don't.
>
>When I make a test with the command
>Radtest guillaume passtest localhost 1645 testing123
>I've have this result
..
>Sending Access-Accept of id 204 to 127.0.0.1 port 34468
>
>So authorize with SQL working for now
Yes.
> but it's when I try to connect with the same parameter with my windows client I've got a access-reject and I don't know why.
..
>+- entering group authenticate
> rlm_eap: Request found, released from the list
> rlm_eap: EAP/mschapv2
> rlm_eap: processing type mschapv2
>+- entering group MS-CHAP
> rlm_mschap: Told to do MS-CHAPv2 for guillaume with NT-Password
> expand: --username=%{mschap:User-Name:-None} -> --username=guillaume
> rlm_mschap: No NT-Domain was found in the User-Name.
> expand: --domain=%{mschap:NT-Domain:-intranet} -> --domain=intranet
> mschap2: c4
> expand: --challenge=%{mschap:Challenge:-00} -> --challenge=4384da4f07ddf5b1
> expand: --nt-response=%{mschap:NT-Response:-00} -> --nt-response=b4e365eb0f01c659d845bd177f80139ebbe46ada409725f1
>Exec-Program output: Logon failure (0xc000006d)
>Exec-Program-Wait: plaintext: Logon failure (0xc000006d)
>Exec-Program: returned: 1
> rlm_mschap: External script failed.
> rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
>++[mschap] returns reject
Well, you have configured it to authenticate against Active Directory.
That failed. Comment out ntlm_auth in mschap module and server will use
the password from your sql database.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list