Alan DeKok aland at
Wed Dec 1 14:44:56 CET 2021

On Dec 1, 2021, at 8:05 AM, Diego Forcella <diego.forcella at> wrote:
> With your suggestion I tried radtest and works correctly, I then modified using (Realm == domain1) elseif (Realm ==domain2) and it works also in this way, thank you very much for your help

  That's fine.

> I've another problem now, I need to use this with a captive portal that support only chap or ms-chapv2 and when a user try to login to captive portal configured with chap in freeradius log I have the error
> chap: ERROR: &control:Cleartext-Password is required for authentication
> or, if I set ms-chapv2 in captive portal, the error is
> (1) mschap: WARNING: No Cleartext-Password configured.  Cannot create NT-Password
> (1) mschap: Creating challenge hash with username: xxx at
> (1) mschap: Client is using MS-CHAPv2
> (1) mschap: ERROR: FAILED: No NT/LM-Password.  Cannot perform authentication
> (1) mschap: ERROR: MS-CHAP2-Response is incorrect
> It's possible to have chap (or ms-chapv2) and ldap working in freeradius?

  It's not about LDAP.  It's how you store the password in LDAP.

  Alan DeKok.

More information about the Freeradius-Users mailing list