mschap with ntlm_auth and Active Directory

robert22 robert at ardvuela.co.uk
Fri Mar 4 02:32:49 CET 2011


Phil Mayers wrote:
> 
> Are you sure the mschap client is using the right password, and matches 
> the password in the domain?
> 
> Can you do a plaintext auth with the password you expect it to be?
> 
> ntlm_auth --username= --password=
> 

Works fine with plaintext auth:

root at FREERADIUS:/etc/freeradius# ntlm_auth --username=0024D6650564
--password=Pa$$w0rd
NT_STATUS_OK: Success (0x0)
root at FREERADIUS:/etc/freeradius# ntlm_auth --username=0024D670F3A6
--password=Pa$$w0rd
NT_STATUS_OK: Success (0x0)
root at FREERADIUS:/etc/freeradius# ntlm_auth --username=0024D6650564
--password=Pa$$w0rd
NT_STATUS_OK: Success (0x0)

The password Pa$$w0rd is set in the Wireless Controller, if thats what you
mean by mschap client?

Is there a tool I can use to test this with that will send mschap challanges
etc to the freeradius, rather than using the wireless controller? someone
recommended NTRadPing but I cant seem to set it to send the mschap
challenges?

If I posted up my confs, would someone be willing to take a look at them?

Thanks


--
View this message in context: http://freeradius.1045715.n5.nabble.com/mschap-with-ntlm-auth-and-Active-Directory-tp3407522p3408863.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.



More information about the Freeradius-Users mailing list