mschap help

Raymond Norton admin at lctn.org
Thu Feb 17 21:39:17 CET 2011


  I followed the tutorial 
(http://deployingradius.com/documents/configuration/active_directory.html) 
and seemed to have mschap working. I had configured freeradius to use 
eap prior to setting up to work with AD, so not sure if anything I 
already configured is conflicting.

Wanting to verify mschap was indeed working, I disabled the domain user 
account, and verified I could no longer authenticate via freeradius. I 
enabled the account again and can login from a LAN PC, but have not been 
able to authenticate through wireless  via freeradius. Wbinfo, 
ntlm_auth, and radtest all work fine from the command line.  and I have 
added "DEFAULT     Auth-Type = ntlm_auth " to the user file

Not sure how much to include from debug, but this seems to be the issue. 
Have read up on other posts about this and have seen a variety of 
reasons from a samba bug to running freeradius on 64bit.

  Hoping it is just a config option I missed.




[mschap] No Cleartext-Password configured.  Cannot create LM-Password.
[mschap] No Cleartext-Password configured.  Cannot create NT-Password.
[mschap] Told to do MS-CHAPv2 for raymond with NT-Password
[mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect




More information about the Freeradius-Users mailing list