freeRADIUS -> AD Auth (<100kb)
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Wed Aug 13 20:19:03 CEST 2014
Hi,
> > It now fails with:
> > [pap] WARNING! No "known good" password found for the user.
> > Authentication may fail because of this.
no. thats way up near the top. the real failure is much much further down:
[mschapv2] # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
[mschapv2] +- entering group MS-CHAP {...}
[mschap] Creating challenge hash with username: hausmeister at oblan
[mschap] Told to do MS-CHAPv2 for hausmeister at oblan with NT-Password
[mschap] expand: %{User-Name} -> hausmeister at oblan
[mschap] expand: --username==%{%{User-Name}:-None}} -> --username==hausmeister at oblan}
Exec-Program output: Password: NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)
Exec-Program-Wait: plaintext: Password: NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)
Exec-Program: returned: 1
[mschap] External script failed.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
I would change your User-Name call in the tnlm_auth to Stripped-User-Name
alan
More information about the Freeradius-Users
mailing list