Yes, I am trying to do MSCHAPv2 from the laptop. If the below is true why am I able to do a successful Radtest user password server 0 secret on the radius server? I believe the password is plain text but I'm not 100% positive, I am able to connect other software such as Confluence to it with open passwords.
Thanks, ----- Original Message ----- From: "Phil Mayers" <[email protected]> To: "FreeRadius users mailing list" <[email protected]> Sent: Tuesday, July 21, 2009 12:35:42 PM GMT -05:00 US/Canada Eastern Subject: Re: Connecting freeRadius to openLDAP Eric Bourkland wrote: > I can attach any of my config files but what I have done is rebuilt a > whole new server RHEL4.7-ES, with freeRadius v2.1.6 installed. with In all probability, your LDAP database either: 1. Does not contain the plaintext password, or NT/LM hash. 2. Does not give the plaintext password or NT/LM hash to FreeRadius because of LDAP ACLs. ...and you are trying to do PEAP/MSCHAPv2. If so, you need to correct this, because PEAP/MSCHAPv2 requires either: 1. FreeRadius have the plaintext password 2. FreeRadius have the NT/LM hash 3. FreeRadius be able to call an RPC on a domain controller (via the "ntlm_auth" helper config option on the "mschap" module) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
