Problem with ntlm_auth between freeradius 3.0 and Samba 4 AD
Alan DeKok
aland at deployingradius.com
Tue Jul 3 18:34:31 CEST 2018
> On Jul 3, 2018, at 11:49 AM, Benjamin DUPALUT <benjamin.dupalut at esiee.fr> wrote:,
>
> First of all, sorry for my english if there is some mistakes.
It's fine.
> I'm trying to set up an authentication between a freeradius 3.0 server and
> a Samba 4 AD using ntlm_auth.
>
> I apply the configuration from
> deployingradius.com/documents/configuration/active_directory.html
See the section titles "Configuring FreeRADIUS to use ntlm_auth"
> but i got
> an error when testing with the "radtest -t mschap user passwd 127.0.0.1 0
> testing123" command.
>
> Here is the issue of the freeradius -X debug :
>
> (11) mschap: WARNING: No Cleartext-Password configured. Cannot create NT-Password
> (11) mschap: WARNING: No Cleartext-Password configured. Cannot create LM-Password
>
> (11) mschap: Client is using MS-CHAPv1 with NT-Password
> (11) mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform
> authentication
> (11) mschap: ERROR: MS-CHAP2-Response is incorrect
It's still trying to use Cleartext-Password. You need to configure it to use ntlm_auth.
Alan DeKok.
More information about the Freeradius-Users
mailing list