Another LDAP/MSCHAPv2 problem
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Thu Feb 9 17:41:35 CET 2012
Hi,
> [mschap] No Cleartext-Password configured. Cannot create LM-Password.
> [mschap] Found NT-Password
> [mschap] Creating challenge hash with username: host/dti-dahport
> [mschap] Told to do MS-CHAPv2 for host/dti-dahport with NT-Password
> [mschap] FAILED: MS-CHAP2-Response is incorrect
hmm, with nt_domain_hack = yes and --username=%{%{mschap:User-Name} used for
the auth attempt , things shoud work
as Alan said, MS host authentication is 'wierd' - the record tends to have a $ or so
within it...but whatever you see as the attempt in debug mode should work on the
command line
alan
More information about the Freeradius-Users
mailing list