mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform authentication

Alan Buxey A.L.M.Buxey at
Fri Oct 9 18:57:36 CEST 2015


radtest works because it's a PAP authentication.  Password is provided. 

You aren't following the instructions provided for doing AD Auth with freeradius. Not sure what instructing you are using but you don't call ntlm_auth in the default server.  You simply configure the mschap module and ensure mschap is called in the inner tunnel

The default call to ntlm_auth looks nothing liked you're concoction.  

ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}"

Are you referring to some random 3rd party documentation?  


More information about the Freeradius-Users mailing list