(freeradius 3) I'm trying to integrate freeradius with active directory in cenos 7.
Alan DeKok
aland at deployingradius.com
Fri Sep 23 15:32:59 CEST 2016
On Sep 23, 2016, at 9:18 AM, Marcelo Martinez <marcelo.martinez at nexa.com.uy> wrote:
>
> (0) mschap : Client is using MS-CHAPv1 with NT-Password
> Executing: /usr/bin/ntlm_auth --request-nt-key
> --username=%{mschap:User-Name:-None} --domain=%{%{mschap:NT-Domain}:-TEST}
> --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}:
> (0) mschap : EXPAND --username=%{mschap:User-Name:-None}
> (0) mschap : --> --username=Administrator
> (0) ERROR: mschap : No NT-Domain was found in the User-Name
> (0) mschap : EXPAND --domain=%{%{mschap:NT-Domain}:-TEST}
> (0) mschap : --> --domain=TEST
> (0) mschap : mschap1: 17
> (0) mschap : EXPAND --challenge=%{mschap:Challenge:-00}
> (0) mschap : --> --challenge=1727510430eb23ac
> (0) mschap : EXPAND --nt-response=%{mschap:NT-Response:-00}
> (0) mschap : -->
> --nt-response=a3ef84d919b3671900fd909461ed833b69c4e1ed39cd251d
> Program returned code (1) and output 'Reading winbind reply failed!
> (0xc0000001)'
> (0) mschap : External script failed
> (0) ERROR: mschap : External script says: Reading winbind reply failed!
> (0xc0000001)
That would seem important. Fix ntlm_auth / winbind so that it works.
Follow my guide:
http://deployingradius.com/documents/configuration/active_directory.html
Do it all step by step. It shouldn't be difficult.
Alan DeKok.
More information about the Freeradius-Users
mailing list