Active Directory Authentication problem with ppp

Alan DeKok aland at
Fri Jul 6 17:36:18 CEST 2012

madal 30 wrote:
> I am always getting this error, when I am trying to authenticate user
> against Active Directory 

  No, you're not.

> [mschap] No Cleartext-Password configured.  Cannot create LM-Password.
> [mschap] No Cleartext-Password configured.  Cannot create NT-Password.
> [mschap] Creating challenge hash with username: harry
> [mschap] Told to do MS-CHAPv2 for harry with NT-Password
> [mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
> [mschap] FAILED: MS-CHAP2-Response is incorrect

  You didn't configure the mschap module to use ntlm_auth.

> Pacakages I have installed.

  That is useless information.

> My /etc/pptp/option.pptpd is :

  As is that.

> And in /etc/radd/modules/mschap i have following 
> mschap {
>          use_mppe = yes
>          require_encryption =yes
>         require_strong = yes
>        #with_ntdomain_hack = yes
> ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
> --username=%{Stripped-User-Name:-%{User-Name:-none}}
> --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
> }

  Well, the server isn't using that configuration.  Go read the debug
output to figure out why.

  Odds are you have TWO instances of the mschap module defined.  Go fix

  Alan DeKok.

More information about the Freeradius-Users mailing list