On 03/04/2011 01:32 AM, robert22 wrote:
Phil Mayers wrote:
Are you sure the mschap client is using the right password, and matches
the password in the domain?
Can you do a plaintext auth with the password you expect it to be?
ntlm_auth --username= --password=
Works fine with plaintext auth:
Ok
root@FREERADIUS:/etc/freeradius# ntlm_auth --username=0024D6650564
--password=Pa$$w0rd
NT_STATUS_OK: Success (0x0)
root@FREERADIUS:/etc/freeradius# ntlm_auth --username=0024D670F3A6
--password=Pa$$w0rd
NT_STATUS_OK: Success (0x0)
root@FREERADIUS:/etc/freeradius# ntlm_auth --username=0024D6650564
--password=Pa$$w0rd
NT_STATUS_OK: Success (0x0)
The password Pa$$w0rd is set in the Wireless Controller, if thats what you
mean by mschap client?
I do.
Since the password in the domain is definitely right, and winbind
appears to be working, I'd have to guess the password in the wireless
controller is wrong somehow, but that seems unlikely to be something
you'd have missed.
Is there a tool I can use to test this with that will send mschap challanges
etc to the freeradius, rather than using the wireless controller? someone
Under recent versions of FreeRadius, "radtest" can do it.
If you can't upgrade the version on the server, perhaps install a newer
copy on a separate machine.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
