Change username for MSCHAPv2
Alan DeKok
aland at deployingradius.com
Mon Jul 3 14:36:17 CEST 2017
> On Jul 3, 2017, at 8:28 AM, Gabriele Verzeletti <gabriele at verzeletti.org> wrote:
>
> Using Stripped-User-Name was one of my first try.
> I got this error
Did you try using the default configuration for the mschap module? Which has Stripped-User-Name in it? And which works?
> eap_mschapv2: # Executing group from file /etc/raddb/sites-enabled/inner-tunnel
> (8) eap_mschapv2: Auth-Type MS-CHAP {
> (8) mschap: Creating challenge hash with username: /user/@/domain.com/
> (8) mschap: Client is using MS-CHAPv2
> (8) mschap: Executing: /usr/bin/ntlm_auth --request-nt-key --username=%{%{mschap:Stripped-User-Name}:-None} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}:
> (8) mschap: ERROR: Unknown expansion string 'Stripped-User-Name' <--------------------------- UNKNOWN !!!!!
Yes... the default configuration has %{Stripped-User-Name}. Not %{mschap:Stripped-User-Name}.
Why did you edit the default configuration and break it?
Alan DeKok.
More information about the Freeradius-Users
mailing list