Samba NT & LM hashes with PEAP
Alan DeKok
aland at deployingradius.com
Tue Jun 24 09:23:29 CEST 2008
Juraj Hrubša wrote:
> I want to use an existing LDAP database for authentication of WIFI users
> using EAP-PEAP. I am already using LDAP as a backend for samba, so I
> have NT and LM hashes stored. The problem is I am still getting errors:
>
> rlm_mschap: Found LM-Password
> rlm_mschap: Found NT-Password
> rlm_mschap: Told to do MS-CHAPv2 for lolo with NT-Password
> rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
That's pretty definitive.
> # Note that NT-Passwords MUST be stored as a 32-digit hex
> # string, and MUST start off with "0x", such as:
> #
> # 0x000102030405060708090a0b0c0d0e0f
You're running an old version of the server. You should upgrade.
That requirement is gone in newer versions of the server.
Alan DeKok.
More information about the Freeradius-Users
mailing list