mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform authentication
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Fri Oct 9 18:57:36 CEST 2015
Right.
radtest works because it's a PAP authentication. Password is provided.
You aren't following the instructions provided for doing AD Auth with freeradius. Not sure what instructing you are using but you don't call ntlm_auth in the default server. You simply configure the mschap module and ensure mschap is called in the inner tunnel
The default call to ntlm_auth looks nothing liked you're concoction.
ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}"
Are you referring to some random 3rd party documentation?
alan
More information about the Freeradius-Users
mailing list