ClearText-Password?
Dean, Barry
B.Dean at liverpool.ac.uk
Mon Mar 3 12:32:25 CET 2008
I am migrating my RADIUS from:
a) FreeBSD, FreeRADIUS 1.1.7, eDirectory lookups.
to
b) Solaris 10 x86, FreeRADIUS 2.0.1, Active Directory, winbindd etc.
I stripped out all the LDAP stuff from the config, enabled ntlm_auth in the mschap module, changed the users file DEFAULT entry from LDAP to mschap, and bingo it works, almost!
At least both "a" and "b" work for 802.1x/EAP-TTLS clients. However for other clients such as EZProxy, only "a" works.
>From my new config, debug says:
+- entering group MS-CHAP
rlm_mschap: No Cleartext-Password configured. Cannot create LM-Password.
rlm_mschap: No Cleartext-Password configured. Cannot create NT-Password.
rlm_mschap: No MS-CHAP-Challenge in the request
++[mschap] returns reject
So it fails.
My Question is:
"Where is no ClearText-Password configured?"
1) Is it the RADIUS client not providing one?
2) Is it the RADIUS config that is missing something?
3) Is it the AD directory that is missing a ClearText-Password?
---------------
Barry Dean
Networks Team
Computing Services Department
Tel: 0151 794 5641 (x45641)
More information about the Freeradius-Users
mailing list