AW: mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform authentication
Torsten Wilms
torsten at wilms-ac.de
Fri Oct 9 19:04:20 CEST 2015
This was from http://deployingradius.com/documents/configuration/active_directory.html
But for a testing i removed domain.
But my mistake was that i placed the row ntlm_auth in the wrong section :((((((
So now it seems to be work
I will change the certificates to our one and start testing with windows domain clients.
Thanks a lot for your support and patience
Torsten .
Von: Alan Buxey [mailto:A.L.M.Buxey at lboro.ac.uk]
Gesendet: Freitag, 9. Oktober 2015 18:58
An: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>; Torsten Wilms <torsten at wilms-ac.de>; 'FreeRadius users mailing list' <freeradius-users at lists.freeradius.org>
Betreff: Re: mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform authentication
Right.
radtest works because it's a PAP authentication. Password is provided.
You aren't following the instructions provided for doing AD Auth with freeradius. Not sure what instructing you are using but you don't call ntlm_auth in the default server. You simply configure the mschap module and ensure mschap is called in the inner tunnel
The default call to ntlm_auth looks nothing liked you're concoction.
ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}"
Are you referring to some random 3rd party documentation?
alan
More information about the Freeradius-Users
mailing list