Error: User-Name is not the same as MS-CHAP name

Phil Mayers p.mayers at imperial.ac.uk
Sun May 29 12:16:57 CEST 2011


On 05/28/2011 06:33 PM, Francois Gaudreault wrote:
> Sending tunneled request
>          EAP-Message =
> 0x020700421a0207003d3187ddf68b18fb1dce4cdd5b001c06abc000000000000000009a7812e4d4a1f425347de951e68fac50054fd8ff32d403fa0054656368524d43
>
>          FreeRADIUS-Proxied-To = 127.0.0.1
>          User-Name = "STIC08862\\TechRMC"
>          State = 0x510e2245510938eb25e1ac3222e20688

Ok, so as before what we're seeing is that the host is sending

STIC08862\TechRMC

...in the EAP-Identity response, but:

TechRMC

...in the MSCHAP packet (the hex above decodes to that)

This is obviously broken, but here's where I get confused: STIC08862 
doesn't look like a domain name to me. It looks like a machine name.

Is the machine a domain member or not? Is the user logging on locally or 
with a domain account? Or is this an artefact of the way Novell works?

What happens if you take an ordinary machine, without the Novell client 
installed, create a local user with the same username/password as a 
domain user, then use "send username automatically"

That is - does this work if the Novell client isn't in the picture?



More information about the Freeradius-Users mailing list