Freeradius 2.1.12 Second LDAP Server

Beliars Fire beliarsfire at
Mon Sep 16 15:54:13 CEST 2013

thanks for the Help. Actually im decided to create a new VM and reinstall the complete Server. I`m following the complete How-To, but i`m getting two different Errors.
The First One is this:
It`s under the first Point: Configuring Authentification with Active Directory I`m startet the Samba and Kerberos Services und used this Command:
net join -U MyAdministrator

> Worked. I`m getting this Message: 
Using short domain name -- MYDomain
Joined 'UBUNTU' to realm 'MYDomain'
The next Step wbinfo -a user%password works too, but i`m getting this Error-Message:
Could not authenticate user Username%Password with plaintext password
challenge/response password authentication succeeded

Is this normal? How can I fix it? The Response seems to work correctly.
The Second One is this:
It`s the last Point on this Page: Configuring FreeRadius to use ntml_auth for MS-CHAP
In this Step, i must edit the following line with this text in the file: /etc/freeradius/modules/mschap
ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{mschap:User-Name:-None} --domain=%{%{mschap:NT-Domain}:-MYDOMAIN} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
But my default commented ntml_auth looks like this:
 ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}"  
In my default ntlm_auth, the option "--domain=%{%{mschap:NT-Domain}:-MYDOMAIN}" is missing. Should i add it?
Actually i`m using my default uncommented ntlm_auth. So, i`m going to test the MS-CHAP authentification reuqest with this command:
$ radtest -t mschap bob hello localhost 0 testing123
And i`m getting this Error-Message:
Sending Access-Request of id 251 to port 1812
 User-Name = "bob"
 NAS-IP-Address =
 NAS-Port = 0
 Message-Authenticator = 0x00000000000000000000000000000000
 MS-CHAP-Challenge = 0x01774f129c72245c
 MS-CHAP-Response = 0x000100000000000000000000000000000000000000000000000024ff68dcea66e8348622a45aa91804201f2102e9ecc0add6
rad_recv: Access-Reject packet from host port 1812, id=251, length=38
 MS-CHAP-Error = "\000E=691 R
First Line:
bob     Cleartext-Password := "hello" 
# Please read the documentation file ../doc/processing_users_file,
# or 'man 5 users' (after installing the server) for more information.
Is there a current RADIUS-book that you can recommend?
-- BeliarsFire 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list