Error: User-Name is not the same as MS-CHAP name
Phil Mayers
p.mayers at imperial.ac.uk
Sun May 29 12:16:57 CEST 2011
On 05/28/2011 06:33 PM, Francois Gaudreault wrote:
> Sending tunneled request
> EAP-Message =
> 0x020700421a0207003d3187ddf68b18fb1dce4cdd5b001c06abc000000000000000009a7812e4d4a1f425347de951e68fac50054fd8ff32d403fa0054656368524d43
>
> FreeRADIUS-Proxied-To = 127.0.0.1
> User-Name = "STIC08862\\TechRMC"
> State = 0x510e2245510938eb25e1ac3222e20688
Ok, so as before what we're seeing is that the host is sending
STIC08862\TechRMC
...in the EAP-Identity response, but:
TechRMC
...in the MSCHAP packet (the hex above decodes to that)
This is obviously broken, but here's where I get confused: STIC08862
doesn't look like a domain name to me. It looks like a machine name.
Is the machine a domain member or not? Is the user logging on locally or
with a domain account? Or is this an artefact of the way Novell works?
What happens if you take an ordinary machine, without the Novell client
installed, create a local user with the same username/password as a
domain user, then use "send username automatically"
That is - does this work if the Novell client isn't in the picture?
More information about the Freeradius-Users
mailing list