Authentification using MS-CHAP with Active Directory
Noro Hasina
norohasin at gmail.com
Tue Jan 12 16:44:45 CET 2010
Hi everybody,
My project have changed, and I should use Active Directory instead of mysql
for authentication because we use AD for user's domain administration.
My server can join the domain but my problem is that ms-chap does'nt do
anything during radtest. here is the result
when i run radiusd -X the module is linked
*module mschap*
Module: Linked to module rlm_mschap
Module: Instantiating mschap
mschap {
use_mppe = yes
require_encryption = yes
require_strong = yes
with_ntdomain_hack = yes
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name:-None}
--domain=%{%{mschap:NT-Domain}:-CELTELMG}
--challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
}
After the Ready to process requests, I run
# radtest testuser testuser localhost 0 pass
and here but mschap isn't used :
rad_recv: Access-Request packet from host 127.0.0.1 port 45703, id=64,
length=60
User-Name = "testuser"
User-Password = "testuser"
NAS-IP-Address = xxxxxxxx
NAS-Port = 0
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
Anyone could help me please!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100112/be30d71a/attachment.html>
More information about the Freeradius-Users
mailing list