MS-CHAP2-Response is incorrect
L.P.H. van Belle
belle at bazuin.nl
Thu Sep 2 09:02:18 CEST 2021
You can post your problem to the samba list if you want help with this.
Below sounds to me your missing
winbind refresh tickets = yes
> -----Oorspronkelijk bericht-----
> Van: Freeradius-Users
> [mailto:freeradius-users-bounces+belle=bazuin.nl at lists.freerad
ius.org] Namens Alan DeKok
> Verzonden: woensdag 1 september 2021 23:26
> Aan: FreeRadius users mailing list
> Onderwerp: Re: MS-CHAP2-Response is incorrect
>
> On Sep 1, 2021, at 2:56 PM, Pennington, Daniel J
> <pennind1 at universalleaf.com> wrote:
> > Our FreeRadius to Active Directory authentication is no
> longer working. It was working up until about a month ago, we
> upgraded the domain controller from 2008r2 to 2012r2.
>
> "new security rules". See this for more information about
> magical Samba settings:
>
> https://wiki.samba.org/index.php/Authenticating_Freeradius_aga
> inst_Active_Directory
>
> > After that we started having issues when people connecting
> to the VPN would get “Access denied – wrong user name or
> password”. Even though the server never appeared to lose
> domain connection, adding the FreeRadius server back to the
> domain with “net join” would band aid it for a week and then
> the same error message would come up. However that band aid
> hasstopped working.
>
> I'd put this down to magical Samba && AD interaction.
> Unfortunately, we don't control either, so there isn't a lot
> we can do.
Sadly correct yes. Ah.. It save you time Alan ;-)
>
> Alan DeKok.
>
>
Greetz,
Louis
More information about the Freeradius-Users
mailing list