Error: User-Name is not the same as MS-CHAP name
Daniel Deptuła
daniel.deptula at gmail.com
Sat May 7 22:53:36 CEST 2011
W dniu 2011-05-07 20:50, Robert Mc Cready pisze:
>
> The "MS-CHAP-Use-NTLM-Auth := no" did the job but I still have one
> problem with Windows XP clients, I get a " [mschap] ERROR: User-Name
> (CAD08862\ldapuser) is not the same as MS-CHAP Name (ldapuser) from
> EAP-MSCHAPv2". Users log on locally, the host name is not a domain
> name. Windows 7 clients work fine because they send only the username.
> I do some rewrites so I can get the username for the LDAP
> authentication and the computers name for computer account
> authentication (I'm not familiar with unlang yet). We use FR 2.1.10.
>
> Any idea how to fix this ?
>
Try to uncomment the ntdomain line in the authorize section of site
configuration. This will split the realm (computer name) and login.
Maybe you'll also need to set the with_ntdomain_hack = yes in mschap
module configuration.
Daniel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110507/14e44bd7/attachment.html>
More information about the Freeradius-Users
mailing list