MSCHAPv2 fails to authenticate against OpenDirectory with error 5100 (0x13ec)
Alan DeKok
aland at deployingradius.com
Wed Jun 10 14:49:57 CEST 2015
On Jun 10, 2015, at 7:58 AM, Alan Egerton <eggyal at gmail.com> wrote:
> I'm trying to follow the instructions in Dan Barrett's article
> <https://www.yesdevnull.net/2013/10/os-x-mavericks-server-setting-up-freeradius/>
> to get the distribution of FreeRADIUS (v2.2.0) that ships with OS X
> Server (v4.1) to authenticate Open Directory users via non-Apple
> authenticators.
It *should* just work. After all, it's supposed to be tested by Apple before they ship it.
> However, the MSCHAPv2 module always fails as follows:
>
> [mschap] No Cleartext-Password configured. Cannot create LM-Password.
> [mschap] No Cleartext-Password configured. Cannot create NT-Password.
> [mschap] Creating challenge hash with username: username
> [mschap] Client is using MS-CHAPv2 for username, we need NT-Password
> [mschap] Using OpenDirectory to authenticate
> [mschap] Doing OD MSCHAPv2 auth
> [mschap] Authentication failed for username: error 5100 (0x13ec): unknown error
>
> I can't find any documentation on what might have caused this error
> and am not sure how to progress from here. Your thoughts would be
> most welcome!
I can't find any documentation, either.
I suggest trying to install 3.0.8. We've put more messages into the module which *should* help track down exactly what's going wrong.
Alan DeKok.
More information about the Freeradius-Users
mailing list