Active Directory Authentication problem with ppp
Alan DeKok
aland at deployingradius.com
Fri Jul 6 17:36:18 CEST 2012
madal 30 wrote:
> I am always getting this error, when I am trying to authenticate user
> against Active Directory
No, you're not.
> [mschap] No Cleartext-Password configured. Cannot create LM-Password.
> [mschap] No Cleartext-Password configured. Cannot create NT-Password.
> [mschap] Creating challenge hash with username: harry
> [mschap] Told to do MS-CHAPv2 for harry with NT-Password
> [mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
> [mschap] FAILED: MS-CHAP2-Response is incorrect
You didn't configure the mschap module to use ntlm_auth.
> Pacakages I have installed.
That is useless information.
> My /etc/pptp/option.pptpd is :
As is that.
> And in /etc/radd/modules/mschap i have following
> mschap {
> use_mppe = yes
> require_encryption =yes
> require_strong = yes
> #with_ntdomain_hack = yes
> ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
> --username=%{Stripped-User-Name:-%{User-Name:-none}}
> --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
> }
Well, the server isn't using that configuration. Go read the debug
output to figure out why.
Odds are you have TWO instances of the mschap module defined. Go fix
that.
Alan DeKok.
More information about the Freeradius-Users
mailing list