FREERADIUS WITH MULTIPLE LDAP AUTHENTICATION SOURCES
Alan DeKok
aland at deployingradius.com
Wed Dec 1 14:44:56 CET 2021
On Dec 1, 2021, at 8:05 AM, Diego Forcella <diego.forcella at c2group.it> wrote:
> With your suggestion I tried radtest and works correctly, I then modified using (Realm == domain1) elseif (Realm ==domain2) and it works also in this way, thank you very much for your help
That's fine.
> I've another problem now, I need to use this with a captive portal that support only chap or ms-chapv2 and when a user try to login to captive portal configured with chap in freeradius log I have the error
>
> chap: ERROR: &control:Cleartext-Password is required for authentication
>
> or, if I set ms-chapv2 in captive portal, the error is
>
> (1) mschap: WARNING: No Cleartext-Password configured. Cannot create NT-Password
> (1) mschap: Creating challenge hash with username: xxx at xxx.com
> (1) mschap: Client is using MS-CHAPv2
> (1) mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform authentication
> (1) mschap: ERROR: MS-CHAP2-Response is incorrect
>
> It's possible to have chap (or ms-chapv2) and ldap working in freeradius?
It's not about LDAP. It's how you store the password in LDAP.
http://deployingradius.com/documents/protocols/compatibility.html
Alan DeKok.
More information about the Freeradius-Users
mailing list