Also, RADDEBUG won't stay running very long: raddebug -f /usr/local/pf/var/run/radiusd.sock > /root/radius.debug
This command works and I get output written to radius.debug, but the debugger will stop running randomly making it very difficult to isolate fault conditions. On Wed, Feb 20, 2019 at 8:45 AM Christian McDonald <[email protected]> wrote: > Fabrice, > > I can't see anything immediately obvious from the logs. I should mention > that I'm using a single user account in Active Directory that is shared on > multiple Chromebooks. All the Chromebooks are configured identically. > However, some connect just fine and others don't...chrooted_mschap: Program > returned code (1) and output 'The attempted logon is invalid. > > Does Active Directory place limits on NTLM authentication? Some sort of > rate-limiting? > > On Tue, Feb 19, 2019 at 8:52 PM Durand fabrice via PacketFence-users < > [email protected]> wrote: > >> Hello Christian, >> >> what you can do is to run radius in debug mode: >> >> raddebug -r /usr/local/pf/var/run/radiusd.sock > /root/radius.debug >> >> >> Then try the bogus AP and try with another one and check the debug and >> search for the line where freeradius call ntlm_auth and see if the output >> is the same. (chrooted_mschap: Executing: /usr/bin/sudo /usr/sbin/chroot >> /chroots/...) >> >> Regards >> >> Fabrice >> >> >> Le 19-02-19 à 11 h 46, Christian McDonald via PacketFence-users a écrit : >> >> Greetings, >> >> I have one access point that keeps rejecting clients with: >> >> chrooted_mschap: Program returned code (1) and output 'The attempted >> logon is invalid. This is either due to a bad username or authentication >> information. (0xc000006d)' >> >> However, the same client on a different AP with the same credentials >> works fine. >> >> All APs are members of the same "switch" group and have identical >> configuration both in PacketFence and my controller (UniFi) >> >> -- >> *R. Christian McDonald * >> M: (616) 856-9291 >> E: [email protected] >> >> >> _______________________________________________ >> PacketFence-users mailing >> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> > > > -- > R. Christian McDonald > *Director of Technology* > Grand Rapids Adventist Academy > C: (616) 856-9291 > > -- R. Christian McDonald *Director of Technology* Grand Rapids Adventist Academy C: (616) 856-9291
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
