FR 3.0.21 authenticating to OpenDirectory on macOS Catalina
Jason Holloway
jason_holloway at mac.com
Mon Nov 23 10:33:09 CET 2020
Hi all,
Alan, thank you for confirming what I suspected.
Before I go tilting at windmills, has anyone on here successfully
managed to integrate with OD under macOS Catalina for MSCHAPv2
authentication?
Thanks,
Jason
On 22 November 2020 at 14:03:39, Alan DeKok
([1]aland at deployingradius.com) wrote:
On Nov 20, 2020, at 2:00 PM, Jason Holloway via Freeradius-Users
<freeradius-users at lists.freeradius.org> wrote:
>
> FR compiled from source, configured according to Apple Support KB and
> tested authenticating successfully via PAP.
>
> However, MSCHAPv2 authentication failing.
>
> (3) mschap: WARNING: No Cleartext-Password configured. Cannot create
> NT-Password
> (3) mschap: No NT-Password configured. Trying OpenDirectory
> Authentication
> (3) mschap: OD username_string = jasonh, OD shortUserName= (length =
> 0)
> (3) mschap: ERROR: rlm_mschap: authentication failed - status =
> eUndefinedError
What a helpful error message. :(
The issue here is that FreeRADIUS hands the MS-CHAP data to
OpenDirectory, and OpenDirectory returns success / fail. Or in this
case, "error".
Unless we get more information about how OpenDirectory works, there
isn't much more that we can do.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
References
1. mailto:aland at deployingradius.com
More information about the Freeradius-Users
mailing list