Logging ntlm authentication
schilling
schilling2006 at gmail.com
Mon Nov 8 20:46:37 CET 2010
Hi,
Could you please summarize what you did to log the output from
ntlm_auth and MS_CHAP-Error? Even with configuration snippet will be
greatly appreciated!
Thanks,
Schilling
On Wed, Sep 8, 2010 at 5:02 PM, Garber, Neal
<Neal.Garber at iberdrolausa.com> wrote:
>> Hmm... OK. The issue appears to be that the tunneled reply is saved
>> for Access-Accept, but not Access-Reject.
>> See "accept_vps" in rlm_eap_peap/*. Something similar needs to be
>> done for reject, and for TTLS.
>
> You are a gentleman and a scholar! I have made the changes as you suggested for PEAP and tested PEAP-MSCHAPv2. It works! I am now able to log the output from ntlm_auth and MS-CHAP-Error. I'm also excited about the improved TLS logging in 2.1.10.
>
> I will add the code for TTLS now. Unfortunately, I don't have a way to test that as I don't believe eapol_test supports TTLS and we don't use it. I suppose someone else can test it once I upload the patch (which I will do after I make the TTLS changes).
>
> Thanks again Alan.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list