Re: [PacketFence-users] ldap authentication failed
Hello there, Once you enable the NTLM or the plain text stored password, did you reset the password? You will need to because the db does not go over the password once you change the method of storage. You can use the command: /usr/local/pf/pftest authentication USERNAME PASSWORD local to verify if everything matches. Thanks, PS: make sure to restart radius processes as well. Ludovic Zammit Product Support Engineer Principal Lead Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Nov 23, 2022, at 11:51 PM, Nikunj Vacchani via PacketFence-users > wrote: > > Hello Fabrice, > > My univention password settings is. > > Password complexity: on > Store plaintext passwords: off > Password history length: 0 > Minimum password length: 8 > Minimum password age (days): 0 > Maximum password age (days): 0 > Account lockout duration (mins): 0 > Account lockout threshold (attempts): 0 > Reset account lockout after (mins): 30 > > > > Thanks & Regards, > Nikunj Vachhani. > Network Engineer. > 99091 10490 > > From: Fabrice Durand mailto:oeufd...@gmail.com>> > Sent: 23 November 2022 07:25 PM > To: packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net> > Cc: Nikunj Vacchani mailto:nikun...@allotgroup.com>> > Subject: Re: [PacketFence-users] ldap authentication failed > > CAUTION: This email originated from outside of the organization. Do not click > links or open attachments unless you recognize the sender and know the > content is safe. > > Hello Nikunj, > you can use ldap for peap only if you can grab the password in clear text or > with NT-Hash > > http://deployingradius.com/documents/protocols/compatibility.html > <https://urldefense.com/v3/__http://deployingradius.com/documents/protocols/compatibility.html__;!!GjvTz_vk!XjmcYyZGcoT7uEEOCV4xdJKgxsF2ebuYHzGXP1LSsPse49rNZJtXOaqp49sYhIEywyXdUvX0xeNggjqRvMKckiQaJkffg_xWIuwxjw$> > > So how do you configure that ? > > Or join the packetfence server to the domain. > > Regards > Fabrice > > > > Le mer. 23 nov. 2022 à 08:47, Nikunj Vacchani via PacketFence-users > <mailto:packetfence-users@lists.sourceforge.net>> a écrit : > Hello > > I m able to authenticate with local user but I m not able to authenticate > with my ldap server users, > > I m facing error, > > PacketFence-KeyBalanced = "1acc010ea4ece6928d7a7f0c37444c0f" > PacketFence-Radius-Ip = "10.20.40.153" > Event-Timestamp = "Nov 17 2022 12:42:35 IST" > Acct-Session-Id = "05000132" > NAS-Port = 53 > NAS-IP-Address = 11.11.11.240 > PacketFence-NTLMv2-Only = "" > EAP-Message = > 0x020800431a0208003e319e88dd03b1c260dbc55155c80f85eed0eed23b3c6bbfe523b45578ae1d11d4211d136139d7394e6a005252555c74657374 > FreeRADIUS-Proxied-To = 127.0.0.1 > EAP-Type = MSCHAPv2 > MS-CHAP2-Response = > 0x08529e88dd03b1c260dbc55155c80f85eed0eed23b3c6bbfe523b45578ae1d11d4211d136139d7394e6a > Calling-Station-Id = "54:05:db:0a:ae:a4" > Stripped-User-Name = "test" > User-Name = "RRU\\test" > PacketFence-Outer-User = "RRU\\test" > NAS-Port-Type = Ethernet > PacketFence-Domain = "RRUAD01" > MS-CHAP-Challenge = 0xa88d981c98c2e8b5e0512896662f75d3 > Realm = "default" > MS-CHAP-User-Name = "RRU\\test" > State = 0x0e2308c40e2b12014ce5e92689785f0a > Module-Failure-Message = "chrooted_mschap: Program returned code (1) and > output 'The attempted logon is invalid. This is either due to a bad username > or authentication information. (0xc06d)'" > Module-Failure-Message = "chrooted_mschap: External script says: The > attempted logon is invalid. This is either due to a bad username or > authentication information. (0xc06d)" > Module-Failure-Message = "chrooted_mschap: MS-CHAP2-Response is incorrect" > User-Password = "**" > SQL-User-Name = "RRUtest" > RADIUS Reply > MS-CHAP-Error = "\010E=691 R=0 C=fefbe43603701f99844df4f72dfc01ac V=3 > M=Authentication rejected" > EAP-Message = 0x04080004 > Message-Authenticator = 0x > > > Anyone have idea, how to resolve this error. > > Thanks & Regards, > Nikunj Vach
Re: [PacketFence-users] ldap authentication failed
Hello all, /user/local/pf/bin/pfcmd authentication username password This working fine for local user and ldap user using this command. But when we authenticate through the client laptop local user authentication successful but ldap user gives me error. Thanks & Regards, Nikunj Vachhani. Network Engineer. 99091 10490 -Original Message- From: Zammit, Ludovic Sent: 25 November 2022 03:10 AM To: PacketFence-users Cc: Fabrice Durand ; Nikunj Vacchani Subject: Re: [PacketFence-users] ldap authentication failed CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. DISCLAIMER : The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] ldap authentication failed
Hello Fabrice, My univention password settings is. Password complexity: on Store plaintext passwords: off Password history length: 0 Minimum password length: 8 Minimum password age (days): 0 Maximum password age (days): 0 Account lockout duration (mins): 0 Account lockout threshold (attempts): 0 Reset account lockout after (mins): 30 Thanks & Regards, Nikunj Vachhani. Network Engineer. 99091 10490 From: Fabrice Durand Sent: 23 November 2022 07:25 PM To: packetfence-users@lists.sourceforge.net Cc: Nikunj Vacchani Subject: Re: [PacketFence-users] ldap authentication failed CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Hello Nikunj, you can use ldap for peap only if you can grab the password in clear text or with NT-Hash http://deployingradius.com/documents/protocols/compatibility.html So how do you configure that ? Or join the packetfence server to the domain. Regards Fabrice Le mer. 23 nov. 2022 à 08:47, Nikunj Vacchani via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> a écrit : Hello I m able to authenticate with local user but I m not able to authenticate with my ldap server users, I m facing error, PacketFence-KeyBalanced = "1acc010ea4ece6928d7a7f0c37444c0f" PacketFence-Radius-Ip = "10.20.40.153" Event-Timestamp = "Nov 17 2022 12:42:35 IST" Acct-Session-Id = "05000132" NAS-Port = 53 NAS-IP-Address = 11.11.11.240 PacketFence-NTLMv2-Only = "" EAP-Message = 0x020800431a0208003e319e88dd03b1c260dbc55155c80f85eed0eed23b3c6bbfe523b45578ae1d11d4211d136139d7394e6a005252555c74657374 FreeRADIUS-Proxied-To = 127.0.0.1 EAP-Type = MSCHAPv2 MS-CHAP2-Response = 0x08529e88dd03b1c260dbc55155c80f85eed0eed23b3c6bbfe523b45578ae1d11d4211d136139d7394e6a Calling-Station-Id = "54:05:db:0a:ae:a4" Stripped-User-Name = "test" User-Name = "RRU\\test" PacketFence-Outer-User = "RRU\\test" NAS-Port-Type = Ethernet PacketFence-Domain = "RRUAD01" MS-CHAP-Challenge = 0xa88d981c98c2e8b5e0512896662f75d3 Realm = "default" MS-CHAP-User-Name = "RRU\\test" State = 0x0e2308c40e2b12014ce5e92689785f0a Module-Failure-Message = "chrooted_mschap: Program returned code (1) and output 'The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc06d)'" Module-Failure-Message = "chrooted_mschap: External script says: The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc06d)" Module-Failure-Message = "chrooted_mschap: MS-CHAP2-Response is incorrect" User-Password = "**" SQL-User-Name = "RRUtest" RADIUS Reply MS-CHAP-Error = "\010E=691 R=0 C=fefbe43603701f99844df4f72dfc01ac V=3 M=Authentication rejected" EAP-Message = 0x04080004 Message-Authenticator = 0x Anyone have idea, how to resolve this error. Thanks & Regards, Nikunj Vachhani. Network Engineer. 99091 10490 From: Nikunj Vacchani via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> Sent: 16 November 2022 07:29 PM To: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> Cc: Nikunj Vacchani mailto:nikun...@allotgroup.com>> Subject: [PacketFence-users] ldap authentication failed CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Hello everyone, I m facing issue when I m trying to authenticate with LDAP user. ERROR, chrooted_mschap: Program returned code (1) and output 'The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc06d)' how to resolve this issue. Thanks & Regards, Nikunj Vachhani. Network Engineer. 99091 10490 DISCLAIMER : The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. DISCLAIMER : The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. ___ PacketFence-users mailing list Pa
Re: [PacketFence-users] ldap authentication failed
Hello Nikunj, you can use ldap for peap only if you can grab the password in clear text or with NT-Hash http://deployingradius.com/documents/protocols/compatibility.html So how do you configure that ? Or join the packetfence server to the domain. Regards Fabrice Le mer. 23 nov. 2022 à 08:47, Nikunj Vacchani via PacketFence-users < packetfence-users@lists.sourceforge.net> a écrit : > Hello > > > > I m able to authenticate with local user but I m not able to authenticate > with my ldap server users, > > > > I m facing error, > > > > PacketFence-KeyBalanced = "1acc010ea4ece6928d7a7f0c37444c0f" > > PacketFence-Radius-Ip = "10.20.40.153" > > Event-Timestamp = "Nov 17 2022 12:42:35 IST" > > Acct-Session-Id = "05000132" > > NAS-Port = 53 > > NAS-IP-Address = 11.11.11.240 > > PacketFence-NTLMv2-Only = "" > > EAP-Message = > 0x020800431a0208003e319e88dd03b1c260dbc55155c80f85eed0eed23b3c6bbfe523b45578ae1d11d4211d136139d7394e6a005252555c74657374 > > FreeRADIUS-Proxied-To = 127.0.0.1 > > EAP-Type = MSCHAPv2 > > MS-CHAP2-Response = > 0x08529e88dd03b1c260dbc55155c80f85eed0eed23b3c6bbfe523b45578ae1d11d4211d136139d7394e6a > > Calling-Station-Id = "54:05:db:0a:ae:a4" > > Stripped-User-Name = "test" > > User-Name = "RRU\\test" > > PacketFence-Outer-User = "RRU\\test" > > NAS-Port-Type = Ethernet > > PacketFence-Domain = "RRUAD01" > > MS-CHAP-Challenge = 0xa88d981c98c2e8b5e0512896662f75d3 > > Realm = "default" > > MS-CHAP-User-Name = "RRU\\test" > > State = 0x0e2308c40e2b12014ce5e92689785f0a > > Module-Failure-Message = "chrooted_mschap: Program returned code (1) and > output 'The attempted logon is invalid. This is either due to a bad > username or authentication information. (0xc06d)'" > > Module-Failure-Message = "chrooted_mschap: External script says: The > attempted logon is invalid. This is either due to a bad username or > authentication information. (0xc06d)" > > Module-Failure-Message = "chrooted_mschap: MS-CHAP2-Response is incorrect" > > User-Password = "**" > > SQL-User-Name = "RRUtest" > > RADIUS Reply > > MS-CHAP-Error = "\010E=691 R=0 C=fefbe43603701f99844df4f72dfc01ac V=3 > M=Authentication rejected" > > EAP-Message = 0x04080004 > > Message-Authenticator = 0x0000 > > > > > > Anyone have idea, how to resolve this error. > > > > Thanks & Regards, > > Nikunj Vachhani. > > Network Engineer. > > 99091 10490 > > > > *From:* Nikunj Vacchani via PacketFence-users < > packetfence-users@lists.sourceforge.net> > *Sent:* 16 November 2022 07:29 PM > *To:* packetfence-users@lists.sourceforge.net > *Cc:* Nikunj Vacchani > *Subject:* [PacketFence-users] ldap authentication failed > > > > CAUTION: This email originated from outside of the organization. Do not > click links or open attachments unless you recognize the sender and know > the content is safe. > > > > Hello everyone, > > > > I m facing issue when I m trying to authenticate with LDAP user. > > > > ERROR, > > > > chrooted_mschap: Program returned code (1) and output 'The attempted logon > is invalid. This is either due to a bad username or authentication > information. (0xc06d)' > > > > how to resolve this issue. > > > > Thanks & Regards, > > Nikunj Vachhani. > > Network Engineer. > > 99091 10490 > > > > DISCLAIMER : The content of this email is confidential and intended for > the recipient specified in message only. It is strictly forbidden to share > any part of this message with any third party, without a written consent of > the sender. If you received this message by mistake, please reply to this > message and follow with its deletion, so that we can ensure such a mistake > does not occur in the future. > DISCLAIMER : The content of this email is confidential and intended for > the recipient specified in message only. It is strictly forbidden to share > any part of this message with any third party, without a written consent of > the sender. If you received this message by mistake, please reply to this > message and follow with its deletion, so that we can ensure such a mistake > does not occur in the future. > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] ldap authentication failed
Hello I m able to authenticate with local user but I m not able to authenticate with my ldap server users, I m facing error, PacketFence-KeyBalanced = "1acc010ea4ece6928d7a7f0c37444c0f" PacketFence-Radius-Ip = "10.20.40.153" Event-Timestamp = "Nov 17 2022 12:42:35 IST" Acct-Session-Id = "05000132" NAS-Port = 53 NAS-IP-Address = 11.11.11.240 PacketFence-NTLMv2-Only = "" EAP-Message = 0x020800431a0208003e319e88dd03b1c260dbc55155c80f85eed0eed23b3c6bbfe523b45578ae1d11d4211d136139d7394e6a005252555c74657374 FreeRADIUS-Proxied-To = 127.0.0.1 EAP-Type = MSCHAPv2 MS-CHAP2-Response = 0x08529e88dd03b1c260dbc55155c80f85eed0eed23b3c6bbfe523b45578ae1d11d4211d136139d7394e6a Calling-Station-Id = "54:05:db:0a:ae:a4" Stripped-User-Name = "test" User-Name = "RRU\\test" PacketFence-Outer-User = "RRU\\test" NAS-Port-Type = Ethernet PacketFence-Domain = "RRUAD01" MS-CHAP-Challenge = 0xa88d981c98c2e8b5e0512896662f75d3 Realm = "default" MS-CHAP-User-Name = "RRU\\test" State = 0x0e2308c40e2b12014ce5e92689785f0a Module-Failure-Message = "chrooted_mschap: Program returned code (1) and output 'The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc06d)'" Module-Failure-Message = "chrooted_mschap: External script says: The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc06d)" Module-Failure-Message = "chrooted_mschap: MS-CHAP2-Response is incorrect" User-Password = "**" SQL-User-Name = "RRUtest" RADIUS Reply MS-CHAP-Error = "\010E=691 R=0 C=fefbe43603701f99844df4f72dfc01ac V=3 M=Authentication rejected" EAP-Message = 0x04080004 Message-Authenticator = 0x Anyone have idea, how to resolve this error. Thanks & Regards, Nikunj Vachhani. Network Engineer. 99091 10490 From: Nikunj Vacchani via PacketFence-users Sent: 16 November 2022 07:29 PM To: packetfence-users@lists.sourceforge.net Cc: Nikunj Vacchani Subject: [PacketFence-users] ldap authentication failed CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Hello everyone, I m facing issue when I m trying to authenticate with LDAP user. ERROR, chrooted_mschap: Program returned code (1) and output 'The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc06d)' how to resolve this issue. Thanks & Regards, Nikunj Vachhani. Network Engineer. 99091 10490 DISCLAIMER : The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. DISCLAIMER : The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] ldap authentication failed
Hello everyone, I m facing issue when I m trying to authenticate with LDAP user. ERROR, chrooted_mschap: Program returned code (1) and output 'The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc06d)' how to resolve this issue. Thanks & Regards, Nikunj Vachhani. Network Engineer. 99091 10490 DISCLAIMER : The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future. ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users