Sorry If I am a bit late to the party, but have you reproduced the issue
precisely the same way FreeRADIUS is trying to authenticate that machine?
I.e:
If FR says the following:
[mschap] Creating challenge hash with username: host/LT-T430-3.omni.imsweb.com
[mschap] Client is using MS-CHAPv2 for host/LT-T430-3.omni.imsweb.com, we need
NT-Password
[mschap] expand: %{Stripped-User-Name} ->
[mschap] ... expanding second conditional
[mschap] expand: %{mschap:User-Name:-None} -> LT-T430-3$
[mschap] expand:
--username=%{%{Stripped-User-Name}:-%{mschap:User-Name:-None}} ->
--username=LT-T430-3$
[mschap] Creating challenge hash with username: host/LT-T430-3.omni.imsweb.com
[mschap] expand: --challenge=%{mschap:Challenge:-00} ->
--challenge=4ab096b446376d5f
[mschap] expand: --ntresponse=%{mschap:NT-Response:-00} ->
--ntresponse=4df85dd62db46ee5bef1aa07fe499e87fc16eca72bd529e7
Then do:
# ntlm_auth --username=LT-T430-3\$ --challenge=4ab096b446376d5f
--ntresponse=4df85dd62db46ee5bef1aa07fe499e87fc16eca72bd529e7
Same goes for user authentication.
Also, please show us the contents of your /usr/local/pf/raddb/modules/mschap.
--
Louis Munro
[email protected] :: www.inverse.ca
+1.514.447.4918 *125 :: +1 (866) 353-6153
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
