Logging ntlm authentication

schilling schilling2006 at gmail.com
Mon Nov 8 20:46:37 CET 2010


Hi,

Could you please summarize what you did to log the output from
ntlm_auth and MS_CHAP-Error?  Even with configuration snippet will be
greatly appreciated!

Thanks,

Schilling

On Wed, Sep 8, 2010 at 5:02 PM, Garber, Neal
<Neal.Garber at iberdrolausa.com> wrote:
>> Hmm... OK.  The issue appears to be that the tunneled reply is saved
>> for Access-Accept, but not Access-Reject.
>> See "accept_vps" in rlm_eap_peap/*.  Something similar needs to be
>> done for reject, and for TTLS.
>
> You are a gentleman and a scholar!  I have made the changes as you suggested for PEAP and tested PEAP-MSCHAPv2.  It works!  I am now able to log the output from ntlm_auth and MS-CHAP-Error.  I'm also excited about the improved TLS logging in 2.1.10.
>
> I will add the code for TTLS now.  Unfortunately, I don't have a way to test that as I don't believe eapol_test supports TTLS and we don't use it.  I suppose someone else can test it once I upload the patch (which I will do after I make the TTLS changes).
>
> Thanks again Alan.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>




More information about the Freeradius-Users mailing list