ldap auto header MS-CHAPv2

omega bk omegabk at gmail.com
Mon Mar 15 13:53:52 CET 2010


hi,

how can i handle encrypted users's ldap password ?

pap reckognize my ssha1 from base64 encoding => because of the auto_header
to yes

but it looks like MS-CHAP does not kwow how to deal with...

[ldap] Added User-Password = {SSHA}2FJYOM+C3mqL2g6wOhcLfjMY2XdoQ4bi in check
items
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
  [ldap] userPassword -> Cleartext-Password ==
"{SSHA}2FJYOM+C3mqL2g6wOhcLfjMY2XdoQ4bi"
[ldap] looking for reply items in directory...
[ldap] user bernard authorized to use remote access
  [ldap] ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Normalizing SSHA1-Password from base64 encoding
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] +- entering group MS-CHAP {...}
[mschap] Told to do MS-CHAPv2 for bernard with NT-Password
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject


thank u
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100315/8fe88461/attachment.html>


More information about the Freeradius-Users mailing list