PAP with LDAP and PEAP/MSCHANPv2 with ntlm_auth
Alan DeKok
aland at deployingradius.com
Fri Jun 25 23:23:00 CEST 2010
Neil Prockter wrote:
> this is a config that works for PAP/LDAP but not PEAP/MSCHANPv2
Change the version of Samba. From eap.conf:
# If is still doesn't work, and you're using Samba,
# you may be encountering a Samba bug. See:
#
# https://bugzilla.samba.org/show_bug.cgi?id=6563
#
# Note that we do not necessarily agree with their
# explanation... but the fix does appear to work.
#
Note that this problem *never* appears if the Cleartext-Password is
available to FreeRADIUS. It *only* happens when Samba is being used.
Try this for yourself. Configure a Cleartext-Password in the "users"
file for a test user, and disable ntlm_auth. If PEAP/MSCHAPv2 works,
then the problem is Samba, not FreeRADIUS.
Alan DeKok.
More information about the Freeradius-Users
mailing list