Wrong key: http://support.microsoft.com/kb/823731
Ivan Kalik Kalik Informatika ISP Dana 8/4/2008, "Charlie B" <[EMAIL PROTECTED]> piše: >Hello everyone, > >We have setup FreeRadius w/ Active Direcotry using LDAP and ntlm as per the >wiki and everything is working great save one item of concern. > >When our users are needing to reset their password or have reset their >password ntlm fails > >I'm pretty certain that this is not a freeradius issue and I'm sorry to post >here however this would be the largest base for user whom may have >experienced this issue > >We can correct the issue if we remove the registry key located >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EAPOL\Parameters however this removes >the 802.1x configuration for the machine. > > >rlm_ldap: looking for check items in directory... >rlm_ldap: looking for reply items in directory... >rlm_ldap: user Raduser authorized to use remote access >rlm_ldap: ldap_release_conn: Release Id: 0 > > >rlm_mschap: Told to do MS-CHAPv2 for Raduser with NT-Password >radius_xlat: Running registered xlat function of module mschap for string >'User-Name' >radius_xlat: '--username=Raduser' >radius_xlat: Running registered xlat function of module mschap for string >'Challenge' > mschap2: 88 >radius_xlat: '--challenge=5fb05b4d0e49743a' >radius_xlat: Running registered xlat function of module mschap for string >'NT-Response' >radius_xlat: >'--nt-response=abc64919a43a42c675c516ce59001bb4a3ef65d68f8de407' >Exec-Program output: Logon failure (0xc000006d) >Exec-Program-Wait: plaintext: Logon failure (0xc000006d) >Exec-Program: returned: 1 > rlm_mschap: External script failed. > rlm_mschap: FAILED: MS-CHAP2-Response is incorrect > modcall[authenticate]: module "mschap" returns reject for request 48 >modcall: leaving group MS-CHAP (returns reject) for request 48 > rlm_eap: Freeing handler > modcall[authenticate]: module "eap" returns reject for request 48 >modcall: leaving group authenticate (returns reject) for request 48 >auth: Failed to validate the user. >Login incorrect (rlm_mschap: Logon failure (0xc000006d)): [Raduser/<no >User-Password attribute>] (from client localhost port 0) > > > >freeradius-1.1.7-3.1 >samba-3.0.28-0 >samba-client-3.0.28-0 >samba-common-3.0.28-0 > > > >Any help much appreciated, we currently running about 1500 users with this >setup and everything is great save the password issue. > >Thanks > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
