RHEL 8, FreeRADIUS. LDAP, and Active Directory

White, Daniel E. (GSFC-770.0)[AEGIS] daniel.e.white at nasa.gov
Mon Jun 6 15:54:22 UTC 2022

I am closer, but not quite there.

I got "radtest -x <user> <clear text password> localhost 0 testing123" to work.

I do not want passwords spewing over the network in cleartext, 
but I cannot get "radtest -x -t mschap <user> <clear text password> localhost 0 testing123" working.

I get this is the server output:

(0) mschap: WARNING: No Cleartext-Password configured.  Cannot create NT-Password
(0) mschap: Client is using MS-CHAPv1 with NT-Password
(0) mschap: ERROR: FAILED: No NT/LM-Password.  Cannot perform authentication
(0) mschap: ERROR: MS-CHAP2-Response is incorrect

I tried looking for a way to force mschapv2 but could find nothing.

I tried using "{nthash}..." for the password after finding smbencrypt, but no joy.

How do I either pass in an NT Password or get FR to encrypt the Cleartext-Password given ?

More information about the Freeradius-Users mailing list