ntlm_auth not being invoked

Shaun donovan shaund at teqcle.co.za
Fri Jun 4 14:02:27 CEST 2021

Hi All.

I have configured FreeRADIUS Version 3.0.20 on a CentOS Linux release 
8.3.2011 machine with daloRadius. I have then followed the instructions 
to allow FreeRADIUS to authenticate against an Active Directory.

Everything works up to the point that I must remove the "testing entry" 
in raddb/mods-config/files/authorize, namely the "DEFAULT Auth-Type = 
ntlm_auth" and uncomment the "ntlm_auth =" line in raddb/modules/mschap. 
Once I do this and test using radtest, I get:

(0) pap: WARNING: No "known good" password found for the user. Not 
setting Auth-Type
(0) pap: WARNING: Authentication will fail unless a "known good" 
password is available
(0)     [pap] = noop
(0)   } # authorize = ok
(0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = 

from Radius -X.

I can see that it is trying to do PAP authentication, but does not "Fall 
Through" to try ntlm_auth. I have tried to google this extensively, but 
cannot find where I should configure FreeRADIUS to first try PAP and the 
try ntlm_auth.

Any help appreciated.

Kind Regards.


More information about the Freeradius-Users mailing list