ntlm_auth and MSCHAP issues

Adam McPartlan adam.mcpartlan at nynet.co.uk
Thu Feb 20 13:34:02 CET 2020

Hi Louis,

> If you followed it exactly it should work.

That's what I thought. I have had another look through the config and
found that I had  commented out "require_encryption = yes" for some
illogical reason.

> Did you set this on the ad-dc and member (the proxy). :   ntlm auth =
> mschapv2-and-ntlmv2-only
> Run also: adduser proxy winbindd_priv

I had also not set the server up as a cleint in the NPS on AD.
The combination of the two corrections has brought me a well received
Access-Accept packet. So thank you very much for your time and your

Kind regards


CONFIDENTIALITY WARNING: This email has been sent from NYnet Ltd, a UK limited company controlled by North Yorkshire County Council. The information in this email (and any document(s) attached to it) is confidential or legally privileged, and is intended solely for the use of the person named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this E-mail is strictly prohibited. An individual with the title of director does not necessarily mean they are a statutory director. A full list of statutory directors is available for inspection at our registered office.

More information about the Freeradius-Users mailing list