Re: ntlm_auth - rlm_mschap: No User-Password configured. Cannot create NT-Password.

Sun, 16 Jul 2006 19:09:36 -0700 


Tx for the reply.....
Am cross posting  to the samba list ....


Can you tell me how to create the challenge and response stuff .... I 
can then test it outside of radius....

I can then check agains both domains.....


Please humour another query ... how do I test to see if I have the XP 
extensions in the certificates ..
It is beginning to look that I am going to have to go down that road... 
Bummer .. the users are

going to love that .. NOT. More work for me :-(

TIA

Peter

Peter de Groot
Windows Re-Installation Engineer
Eastern Goldfields College
Ph  08) 90801800  Fax 08) 90801866 Mob  0418915312
http://egshs.wa.edu.au



Phil Mayers wrote:




[EMAIL PROTECTED] raddb]#
[EMAIL PROTECTED] raddb]#

[EMAIL PROTECTED] raddb]# /usr/bin/ntlm_auth --request-nt-key -- 
username=e2052982 --domain=ADMIN4182 --challenge=6151ad29f27eff47  -- 
nt-response=01e42eabc464bf9915883d804457069d4702d95534ce4d53

Logon failure (0xc000006d)
[EMAIL PROTECTED] raddb]#
[EMAIL PROTECTED] raddb]#


Not good. :-(  .. but they do give me the domain option .. so it 
"should" be ok. ?



Try asking on the Samba lists. Also, check the event logs on the other 
domain - it might be that you don't have the relevant options enabled 
or permissions set to do inter-domain mschap (I don't know what, if 
any, options you need)




.
.
.

Sorry ... couple more idiot (newbie) questions  ....


I am using PEAP with MSCHAPv2 .. and (I think) according to the how- 
tos .. I do NOT need
ANY certificate(s) on the client PC... Is this correct ??.... or, if not 


Correct


.. which certificate(s) are

REQUIRED on the PC... ??  I am using tinyCA with the OID extra bits 
for the XP extensions.

Is this an error in the following certficate stuff ??



ignore that


.
.
.

IS the following significant ... ?? It seems to say it cannot create 
the password ??


modcall: entering group MS-CHAP for request 7
 rlm_mschap: No User-Password configured.  Cannot create LM-Password.
 rlm_mschap: No User-Password configured.  Cannot create NT-Password.
 rlm_mschap: Told to do MS-CHAPv2 for e2052982 with NT-Password


ignore that, since you're using ntlm_auth it's irrelevant

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ 
users.html

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





















					Reply via email to